PDA

View Full Version : [ISPConfig3] Firewall port range


peterspoon
24th March 2009, 12:12
So, I have a short question. How to open some port range in ISPC3? When I input ports like xxx:yyy I get
ERROR
1. tcp_ports_error_regex

Should I use some other syntax? Or is it disabled? I remember it was possible in ISPC2.

till
24th March 2009, 12:32
Port ranges are disabled at the moment as the regex for the input test does not allow them. I added : to the regex, so if you upadte to the ltesat svn revision then port ranges should work now.

millipede
14th July 2009, 17:04
Hi

I am using ISPC 3.0.1.3
I am trying to open a range for passive FTP
The firewall page does accept the : now as you mentioned (thanks), but it does not open the whole range.
It seems only to open the start port:

e.g. my entry in ISPC
server.name 20,21,22,25,80,110,143,443,8810,20000:30000

and iptables -L shows:
Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:www
PAROLE tcp -- anywhere anywhere tcp dpt:pop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:8810
PAROLE tcp -- anywhere anywhere tcp dpt:20000
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

whereas our entry in question should read
PAROLE tcp -- anywhere anywhere tcp dpts:20000:30000

or am I terribly wrong here?

best regards and keep up the good work,
Christian