HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


Romoku 15th July 2010 01:49

Firewall not installed by default?
 
After doing some searching I figured out the firewall wasn't installed by default and I just want someone to check that I installed it alright.

I read in the comments section of the debian lenny guide to use

Code:

# apt-get install bastille -y
to install the firewall. I kept the already installed script from ispconfig. I got a weird error from psad:

Code:

ERR: Syslog has not been configured to send messages to /var/lib/psad/psadfifo. Please configure it as described in psad(8).
So I googled it and found the basic lowdown and the way to debug psad.

I used
Code:

# echo -e 'kern.info\t|/var/lib/psad/psadfifo' >> /etc/syslog.conf
to fix the original error, and I edited /etc/psad/psad.conf:

Code:

EMAIL_ADDRESSES <myemailaddress>;

HOSTNAME                    <myhostname>;

SYSLOG_DAEMON              rsyslogd;

### Only send email alert if danger level >= to this value.
EMAIL_ALERT_DANGER_LEVEL    3;

I went back into my ispconfig 3 webface and deleted the rule and remade it.

Open TCP ports: 20,21,22,25,53,80,110,143,443,3306,8080,10000
Open UDP ports: 53,3306

and now my 'iptables -L'

Code:

administrator@web1:~$ sudo iptables -L
Chain INPUT (policy DROP)
target    prot opt source              destination
DROP      tcp  --  anywhere            loopback/8
ACCEPT    all  --  anywhere            anywhere            state RELATED,ESTABLISHED
ACCEPT    all  --  anywhere            anywhere
DROP      all  --  BASE-ADDRESS.MCAST.NET/4  anywhere
PUB_IN    all  --  anywhere            anywhere
PUB_IN    all  --  anywhere            anywhere
PUB_IN    all  --  anywhere            anywhere
PUB_IN    all  --  anywhere            anywhere
DROP      all  --  anywhere            anywhere

Chain FORWARD (policy DROP)
target    prot opt source              destination
ACCEPT    all  --  anywhere            anywhere            state RELATED,ESTABLISHED
DROP      all  --  anywhere            anywhere

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination
PUB_OUT    all  --  anywhere            anywhere
PUB_OUT    all  --  anywhere            anywhere
PUB_OUT    all  --  anywhere            anywhere
PUB_OUT    all  --  anywhere            anywhere

Chain INT_IN (0 references)
target    prot opt source              destination
ACCEPT    icmp --  anywhere            anywhere
DROP      all  --  anywhere            anywhere

Chain INT_OUT (0 references)
target    prot opt source              destination
ACCEPT    icmp --  anywhere            anywhere
ACCEPT    all  --  anywhere            anywhere

Chain PAROLE (12 references)
target    prot opt source              destination
ACCEPT    all  --  anywhere            anywhere

Chain PUB_IN (4 references)
target    prot opt source              destination
ACCEPT    icmp --  anywhere            anywhere            icmp destination-unreachable
ACCEPT    icmp --  anywhere            anywhere            icmp echo-reply
ACCEPT    icmp --  anywhere            anywhere            icmp time-exceeded
ACCEPT    icmp --  anywhere            anywhere            icmp echo-request
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:ftp-data
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:ftp
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:ssh
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:smtp
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:domain
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:www
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:pop3
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:imap2
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:https
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:mysql
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:http-alt
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:webmin
ACCEPT    udp  --  anywhere            anywhere            udp dpt:domain
ACCEPT    udp  --  anywhere            anywhere            udp dpt:mysql
DROP      icmp --  anywhere            anywhere
DROP      all  --  anywhere            anywhere

Chain PUB_OUT (4 references)
target    prot opt source              destination
ACCEPT    all  --  anywhere            anywhere

Chain fail2ban-ssh (0 references)
target    prot opt source              destination
RETURN    all  --  anywhere            anywhere

Do the iptables look alright? I'm not very experienced in the lingo, yet.
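
Added example (not part of the original post, and not ISPConfig or Bastille code): a small Python reader for the `iptables -L` text above that follows INPUT through the user chains, lists which destination ports end in ACCEPT, and flags INPUT rules that print as accept-everything. The embedded listing is an abbreviated copy of the one in the post; `parse` and `audit` are names chosen here.

```python
import re

# Abbreviated from the listing in the post: rows are copied, most ports left out.
LISTING = """\
Chain INPUT (policy DROP)
target    prot opt source              destination
DROP      tcp  --  anywhere            loopback/8
ACCEPT    all  --  anywhere            anywhere            state RELATED,ESTABLISHED
ACCEPT    all  --  anywhere            anywhere
PUB_IN    all  --  anywhere            anywhere

Chain PAROLE (12 references)
target    prot opt source              destination
ACCEPT    all  --  anywhere            anywhere

Chain PUB_IN (4 references)
target    prot opt source              destination
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:ssh
PAROLE    tcp  --  anywhere            anywhere            tcp dpt:mysql
ACCEPT    udp  --  anywhere            anywhere            udp dpt:domain
"""

def parse(listing):
    """Return {chain: [(target, proto, source, dest, extra), ...]}."""
    chains, current = {}, None
    for line in listing.splitlines():
        head = re.match(r"Chain (\S+) \(", line)
        if head:
            current = chains.setdefault(head.group(1), [])
        elif current is not None and line.strip() and not line.startswith("target"):
            f = line.strip().split(None, 5)
            current.append((f[0], f[1], f[3], f[4], f[5] if len(f) > 5 else ""))
    return chains

def audit(chains):
    """Return (INPUT rule numbers that print as 'ACCEPT all anywhere anywhere',
    ports that reach an ACCEPT). Without -v the interface columns are hidden,
    so a flagged rule may be lo-only or may accept all traffic."""
    unconditional = [n for n, (t, p, s, d, x) in enumerate(chains["INPUT"], 1)
                     if t == "ACCEPT" and (p, s, d, x) == ("all", "anywhere", "anywhere", "")]
    ports = []
    def walk(chain, inherited):
        for t, p, s, d, x in chains.get(chain, []):
            m = re.search(r"dpt:(\S+)", x)
            port = f"{p}/{m.group(1)}" if m else inherited  # port match carries into jumps
            if t == "ACCEPT" and port:
                ports.append(port)
            elif t in chains:                               # jump to a user-defined chain
                walk(t, port)
    walk("INPUT", None)
    return unconditional, ports
```

Rule 3 of INPUT is flagged because plain `iptables -L` omits the interface columns; `iptables -L -v -n` or `iptables -S` shows whether that rule is limited to `lo`.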

till 15th July 2010 15:37

ISPConfig comes with its own copy of bastille. Please do not install it with apt, it will corrupt the firewall setup from ISPConfig!

You can enable the firewall by creating a firewall record in ispconfig under system.

