HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Feature Requests (http://www.howtoforge.com/forums/forumdisplay.php?f=31)
-   -   Removal of Bastille Firewall from ISPConfig3 (http://www.howtoforge.com/forums/showthread.php?t=59114)

concept21 16th October 2012 05:34

Removal of Bastille Firewall from ISPConfig3
 
Bastille Firewall is a legacy software which does not run on Ubuntu 10.04.

Please remove it from future ISPConfig3.

Thanks. :cool:

till 16th October 2012 08:20

Bastille Firewall runs fine on Ubuntu 10.04.

concept21 19th October 2012 18:24

Man,
Bastille has not been updated for several years. May I suggest you to replace it with CSF?? :)

till 19th October 2012 18:57

Bastille is a iptables firewall script which does everything that we need it for, so it does not matter how often it is updated as it works fine. Beside bastille, ispconfig supports ufw as firewall since 3.0.5.

tek 27th October 2012 18:56

Firewall scripts
 
I had to remove bastille also from my setup because I needed some NAT - IP masquerading setup plus a fair number of ports to be forwarded. I know there are much easier firewall scripts out there such as ufw but I am actually doing a fair amount of port forwarding and using iscsi and other bits of blackmagic and having had no choice a long time ago I had gone through the pain and suffering to get arno-iptables-firewall setup and configured.

Kind of sucks cause I am always tempted to click on firewall from the backend and I seem to recall at one point I actually did and this broke a nice long list of things as it tried to setup both firewalls to run.

while I do wish arno-iptables-firewall could be configured through there I accept the fact that might be asking for a bit much.

Since you mention ufw being supported now, I am wondering if there is a way perhaps to turn off ispconfig3 from handing it at all? Im gonna hate myself if I end up with yet another way I can shoot myself in the head.
Thanks..

concept21 27th October 2012 19:42

If you don't install Bastille, ISpconfig firewall option just does not have any effect on the system's firewall.

Then, you can install your own preferred firewall software. The startup script of Bastille can be manually removed or disabled.

Parsec 11th February 2013 04:18

Thats what I have done. I am using a simple combination of iptables + ipset + fail2ban (with ban2sql so everything is in a mysql database)

till 11th February 2013 12:58

Quote:

I had to remove bastille also from my setup because I needed some NAT - IP masquerading setup plus a fair number of ports to be forwarded. I know there are much easier firewall scripts out there such as ufw but I am actually doing a fair amount of port forwarding and using iscsi and other bits of blackmagic and having had no choice a long time ago I had gone through the pain and suffering to get arno-iptables-firewall setup and configured.
You did not had to remove it as bastille supports all kind of custom rules. Search the forum for bastille custom and you will find several threads that explain this in detail.

abdi 11th February 2013 19:08

Quote:

Originally Posted by concept21 (Post 287027)
Man,
Bastille has not been updated for several years. May I suggest you to replace it with CSF?? :)

+1 on CSF (its really a power-full firewall app)

FcbInfo 19th September 2013 00:33

Old thread but...

This is the unique reason that i'm not using ispconfig at this time.

CSF <- Just don't try to find something better than this. You can't!

Can you install csf on a server with ispconfig? Yes, you can, but this is not fully integrated with the control panel like it's working on cpanel.

CSF can do, what a hardware firewall don't do!


All times are GMT +2. The time now is 13:35.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.