How To Install A Custom Iptables Firewall
 

Hi all
I tried to follow the howto but I noticed that the file /etc/firewall/firewall.conf.iptables is missing end this file is needed by firewall.iptables daemon.
Can anyone tell me where I can download this file or send here an example config file???

Tks in advance
Merlos

OK I found out a config file to start

http://www.penguinsecurity.net/pense...e=print&sid=39

Hope is useful for someone else...
Bye :D

Im sorry about that...
 

Yes you need that file, but most people do... if you don't this is what to do.
Put firewall.conf.iptables, firewall.dns, firewall.banned, firewall.iana-reserved, and firewall.local.iptables (remove the "-generic" from the file names) in a directory called /etc/firewall. <-- that is if my other way didnt work, its just a case of kernel directories and dependincies.

Here u go
 

Those directories are where custom dependincies, user options and data output can be stored. If a directory is missing just type in
gedit /etc/firewall/firewall.conf.iptables or anything as such and you should be good.

After Installing ISPConfig iptables wont start
 

Hi
Please help serious security problem.

After installing ISPConfig iptables won't startup.
No error what so ever.

/etc/init.d/iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter mangle nat [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]


/var/log/messages
Apr 10 00:25:24 host kernel: Removing netfilter NETLINK layer.
Apr 10 00:25:24 host kernel: ip_tables: (C) 2000-2002 Netfilter core team
Apr 10 00:25:24 host kernel: Netfilter messages via NETLINK v0.30.
Apr 10 00:25:24 host kernel: ip_conntrack version 2.4 (4094 buckets, 32752 max) - 232 bytes per conntrack

Startef firewall using IPConfig, the firewall monitor page is totally different from my iptables rule !

ps -ef | grep iptables

no iptables process !

Please help
Cheer
mebusybody

Sure, dont mix 2 iptable firewalls on the same server! Either use the ISPConfig firewall or any other firewall but not both!

The ISPConfig firewall is the bastille firewall script taht you find in your /etc/init.d directory.

Thanks for the info, sigh is 1am here. I will continue later in day
:)

Nice to see that you fixed that one up... my first firewall script was to allow ports and services the second one was to monitor them.... its true what he said. My suggestion is that if the first one didnt work, (or the second one) just use one. Ill get on fixing that problem :cool:

Hi Till
bastill-firewall is just a script, it will excute iptables or ipchain.
It seem it is calling /sbin/bastill-netfilter, in my case I have iptables installed.

Question is why ISPConfig use or what is the advantage of this script ?

Cheers
mebusybody

/sbin/bastille-netfilter is using iptables.
You can check the state of your firewall with