Firewall Rules
The Firewall Rules page allows you to manage system-level firewall rules, including protocol settings, port access, and IP restrictions.
Overview
URL: /admin/firewall-rules
This page displays a table of all active firewall rules. You can view, create, edit, or delete rules using the interface.
Action Buttons
- Fix System Ports - automatically restores firewall rules for critical system services (admin panel, HTTP, HTTPS, DNS, FTP, mail, etc.)
- + Create Firewall Rule - opens a modal to add a new custom rule
Table Columns
| Column | Description |
|---|---|
| Protocol | The network protocol for this rule: TCP or UDP. |
| Source | The source IP address. Displays Any if not restricted. |
| Source Port | The source port number. Displays Any if not restricted. |
| Destination | The destination IP address. Displays Any if not restricted. |
| Destination Port | The destination port number or port range (e.g. 443, 49152-65535). |
| Comment | A description of the rule (e.g. AdminBolt - HTTPS, FTP Passive, Mail - Dovecot). |
| Actions | Edit and Delete buttons for managing the rule. |
Default Rules
After installation, adminbolt creates a set of default firewall rules for essential services:
| Comment | Protocol | Destination Port | Description |
|---|---|---|---|
| AdminBolt - Admin | TCP | 8443 | Admin panel access |
| AdminBolt - HTTP | TCP | 80 | Web server HTTP |
| AdminBolt - HTTPS | TCP | 443 | Web server HTTPS |
| DNS TCP | TCP | 53 | DNS queries over TCP |
| DNS UDP | UDP | 53 | DNS queries over UDP |
| FTP | TCP | 21 | FTP control connection |
| FTP Passive | TCP | 49152-65535 | FTP passive mode data connections |
| Mail - Dovecot | TCP | 4190, 143 | Dovecot ManageSieve and IMAP |
| Mail - IMAP | TCP | 143 | IMAP email retrieval |
Search
You can filter rules using the search bar above the table. Search works across all visible columns including Protocol, Source, Destination Port, and Comment.
Pagination
You can adjust the number of rules displayed per page: 5, 10, 25, 50, or All.
Create Firewall Rule
Clicking the + Create Firewall Rule button opens a modal with the following fields:
| Field | Description |
|---|---|
| Protocol | Dropdown to select TCP or UDP. Defaults to TCP. |
| Source IP | The source IP address to allow. Leave blank to allow any source. |
| Source Port | The source port number. Leave blank to allow any source port. |
| Destination IP | The destination IP address. Leave blank to allow any destination. |
| Destination Port | The destination port number (required). You can specify a single port (e.g. 443) or a port range (e.g. 49152-65535). |
| Comment | A description of the rule for identification purposes. |
Note: You must fill in the Destination Port field at least. Leave the other fields blank if you want to allow all ports or addresses.
Buttons
- Execute Rule - saves and applies the new firewall rule
- Cancel - closes the modal without saving
Edit Rule
Clicking the Edit button on any rule opens the same modal pre-filled with the current rule values. You can modify any field and click Execute Rule to apply the changes.
Delete Rule
Clicking the Delete button removes the firewall rule. A confirmation dialog appears before the rule is deleted.