Hello
I use Debian 5.0 lenny. Whan I activated default firewall rule in ISPconfig 3.0.0.9 I can't able more to get any data via http/ftp proto (apt-get update/ apt-get install ) , ping...
I find that ISPconfig use /etc/init.d/bastille-firewall and /etc/Bastille/bastille-firewall.cfg .
Where I can find how to write rule into ISPconfig3? (I need see answer in sources?)

I've run ispconfig on VPS, and can limit user root to connect any sites, except site's with updates useing:
-m owner option for iptables
For security reasons deny for php-cgi/apache/modphp access to network(for upload shell), except when client's need use external support.
Allow for chroot-ssh users upload files.

The ISPConfig firewall does not block any outgoing connections, it blocks only incomming connections. If you need a more fine grained control, you can use any other firewall you like on a ispconfig server.

The ISPConfig firewall does not block any outgoing connections, it blocks only incoming connections. If you need a more fine grained control, you can use any other firewall you like on a ispconfig server.

I don't want change firewall. I want do some work-around changes to 100% support ISPconfig3 new releases.May be add some template, which may need by other user's, that's way I want know more about firewall use.

How do I disable the iptables rules used by ispconfig? or how would I change them? Munin has been blocked.... on port 4949

There is no need to change any rules manually. Just add port 4949 to the port list of the firewall in the ispconfig interface.

Hi, I am new to ISPconfig and currently testing ISPconfig 3 on Debian 5.0. I would like to implement NAT between my openvpn network and internet. Where can I edit iptables firewall rules to perform this? I even duno where is the config file for iptables, which is controlled by ISPconfig firewall function. Please help! Thanks,

I think the firewall configuration is in /etc/Bastille/bastille-firewall.cfg.