HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

sheshes 26th March 2013 16:44

ISPconfig 3 Bastille Firewall
 
I have noticed that Bastille Firewall is throwing up some errors.


```
/sbin/bastille-ipchains: line 228: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 230: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 232: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 234: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 236: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 238: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 247: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 248: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 254: /sbin/ipchains: No such file or directory
Setting up IP spoofing protection... done.
Allowing traffic from trusted interfaces.../sbin/bastille-ipchains: line 279: /sbin/ipchains: No such file or directory
done.
/sbin/bastille-ipchains: line 293: /sbin/ipchains: No such file or directory
Setting up chains for public/internal interface traffic.../sbin/bastille-ipchains: line 336: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 338: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 341: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 343: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 347: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 349: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 352: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 354: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
done.
Setting up general rules.../sbin/bastille-ipchains: line 433: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 433: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 441: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 442: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 469: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 487: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 500: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 504: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 487: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 500: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 504: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
done.
Setting up outbound rules.../sbin/bastille-ipchains: line 566: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 566: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 580: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 586: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 587: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 592: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 592: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 596: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 596: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
done.
```

Also, the output of iptables -L is:

```
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
```

Which shows that no rules are applied.

I have everything set up in the ISPconfig 3 control panel and the firewall record is there. Is this normal? Shouldn't Bastille firewall be running normally?

sheshes 27th March 2013 17:26

The errors are fixed after following falko's previous thread, but can someone explain if bastille-firewall is getting correct information from ISPconfig 3 or if additional effort needs to be applied to configure the firewall properly?

The output of iptables -L after successfully running bastille-firewall without errors is as follows.

```
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- base-address.mcast.net/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain PAROLE (13 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (5 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dpt:pop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:http-alt
PAROLE tcp -- anywhere anywhere tcp dpt:8181
PAROLE tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:mysql
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (5 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
```
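
A check for the two states shown in this thread, as an added example that is not part of the original posts: it parses `iptables -L` text, reports whether any ruleset is loaded, and compares the TCP ports reachable through PUB_IN with the ports entered in the panel's firewall record. The function names, the abridged sample listings and the expected-port list are constructed for illustration.

```python
import re

# Names `iptables -L` prints without -n, with their standard /etc/services ports.
SERVICES = {"ftp-data": 20, "ftp": 21, "ssh": 22, "smtp": 25, "domain": 53,
            "http": 80, "pop3": 110, "imap2": 143, "https": 443,
            "mysql": 3306, "http-alt": 8080, "webmin": 10000}
HEADER = re.compile(r"^Chain (\S+) \((?:policy (\w+)|\d+ references)\)")

def parse_chains(listing):
    """Return {chain: {"policy": str or None, "rules": [line, ...]}}."""
    chains, current = {}, None
    for line in map(str.strip, listing.splitlines()):
        if (m := HEADER.match(line)):
            current = chains.setdefault(m.group(1), {"policy": m.group(2), "rules": []})
        elif current is not None and line and not line.startswith("target"):
            current["rules"].append(line)
    return chains

def open_tcp_ports(chains, chain="PUB_IN"):
    """TCP ports the chain passes on; a jump such as PAROLE is counted as allowed."""
    ports = set()
    for rule in chains.get(chain, {"rules": []})["rules"]:
        target, proto = rule.split()[:2]
        m = re.search(r"dpt:(\S+)", rule)
        if m and proto == "tcp" and target not in ("DROP", "REJECT"):
            # A service name missing from SERVICES raises KeyError: list with -n instead.
            ports.add(int(m[1]) if m[1].isdigit() else SERVICES[m[1]])
    return ports

def audit(listing, expected_tcp):
    """Compare a listing with the TCP ports entered in the panel's firewall record."""
    chains = parse_chains(listing)
    inp = chains.get("INPUT", {"policy": None, "rules": []})
    actual = open_tcp_ports(chains)
    return {"loaded": inp["policy"] == "DROP" or bool(inp["rules"]),
            "missing": sorted(set(expected_tcp) - actual),
            "unexpected": sorted(actual - set(expected_tcp))}

# Constructed samples, abridged from the two listings quoted in the thread.
NOT_LOADED = "Chain INPUT (policy ACCEPT)\ntarget prot opt source destination\n"
LOADED = """Chain INPUT (policy DROP)
PUB_IN all -- anywhere anywhere
Chain PUB_IN (5 references)
target prot opt source destination
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:8181
ACCEPT udp -- anywhere anywhere udp dpt:domain
"""
EXPECTED_TCP = [22, 80, 443]  # hypothetical panel entry, not from the thread
```

`audit(NOT_LOADED, EXPECTED_TCP)` reports `loaded: False`, the state in the first post; on a live host, feed it the text of `iptables -L` run as root.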


All times are GMT +2.