HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


dynamind 22nd October 2011 21:18

bastille with linux next kernel not working - webserver hacked/stopped/killed
 
I compiled a fresh linux next kernel. Now at bootup it shows bastille can't be activated. Restarting it manually shows:

/sbin/bastille-ipchains: Zeile 442: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
/sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden

In the Debian packages, bastille is not listed for squeeze. So I downloaded the bastille sources and started the install.sh script - it shows DB6.0 is not supported.

Maybe one of you knows how to regain a functional bastille-firewall.

Update: perfect, the webserver has been hacked/stopped overnight. Can you please answer this issue?

falko 23rd October 2011 19:08

Bastille is just an iptables (kernel 2.4 and newer)/ipchains (kernel 2.2) wrapper script that comes with ISPConfig, so all you need is iptables/ipchains. Make sure you compiled your kernel with iptables support.

dynamind 23rd October 2011 21:28

CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_SECURITY=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m

I used the original config-2.6.32-5-686 for compilation; it looks like it's supported. iptables -L shows:


Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
fail2ban-courierpop3 tcp -- anywhere anywhere multiport dports pop3
fail2ban-courierimaps tcp -- anywhere anywhere multiport dports imaps
fail2ban-sasl tcp -- anywhere anywhere multiport dports smtp
fail2ban-pureftpd tcp -- anywhere anywhere multiport dports ftp
fail2ban-courierimap tcp -- anywhere anywhere multiport dports imap2

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-courierimap (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-courierimaps (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-courierpop3 (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-pureftpd (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-sasl (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-ssh (1 references)
target prot opt source destination

