HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Developers' Forum (http://www.howtoforge.com/forums/forumdisplay.php?f=33)
-   -   ispconfig3 & Firewall (http://www.howtoforge.com/forums/showthread.php?t=31993)

weldpua2008 3rd March 2009 02:25

ispconfig3 & Firewall
 
Hello
I use Debian 5.0 lenny. Whan I activated default firewall rule in ISPconfig 3.0.0.9 I can't able more to get any data via http/ftp proto (apt-get update/ apt-get install ) , ping...
I find that ISPconfig use /etc/init.d/bastille-firewall and /etc/Bastille/bastille-firewall.cfg .
Where I can find how to write rule into ISPconfig3? (I need see answer in sources?)

I've run ispconfig on VPS, and can limit user root to connect any sites, except site's with updates useing:
-m owner option for iptables
For security reasons deny for php-cgi/apache/modphp access to network(for upload shell), except when client's need use external support.
Allow for chroot-ssh users upload files.

till 3rd March 2009 13:21

The ISPConfig firewall does not block any outgoing connections, it blocks only incomming connections. If you need a more fine grained control, you can use any other firewall you like on a ispconfig server.

weldpua2008 4th March 2009 00:17

Quote:

Originally Posted by till (Post 172921)
The ISPConfig firewall does not block any outgoing connections, it blocks only incoming connections. If you need a more fine grained control, you can use any other firewall you like on a ispconfig server.

I don't want change firewall. I want do some work-around changes to 100% support ISPconfig3 new releases.May be add some template, which may need by other user's, that's way I want know more about firewall use.

quentusrex 4th March 2009 19:40

How do I disable the iptables rules used by ispconfig? or how would I change them? Munin has been blocked.... on port 4949

till 4th March 2009 23:44

There is no need to change any rules manually. Just add port 4949 to the port list of the firewall in the ispconfig interface.

rexroy 21st March 2009 09:05

Hi, I am new to ISPconfig and currently testing ISPconfig 3 on Debian 5.0. I would like to implement NAT between my openvpn network and internet. Where can I edit iptables firewall rules to perform this? I even duno where is the config file for iptables, which is controlled by ISPconfig firewall function. Please help! Thanks,

falko 22nd March 2009 15:37

I think the firewall configuration is in /etc/Bastille/bastille-firewall.cfg.


All times are GMT +2. The time now is 13:44.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.