HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=25)
-   -   Changing from bastille to UFW (http://www.howtoforge.com/forums/showthread.php?t=61523)

theWeird 19th April 2013 11:41

Changing from bastille to UFW
 
I am working on getting my servers and VMs IPv6 ready.
Because bastille does not support IPv6 I have to change to UFW which should be supportet by 3.0.5.

Which steps do I have to proceed to successfully replace bastille with UFW and getting it updated by ISPConfig?

till 19th April 2013 15:52

I havent tested this, but it should work like this:

1) disable the firwall record in ispconfig to stop bastille.
2) Install ufw
3) run a ispconfig update with reconfigure services
4) set firewall type to ufw in ispconfig and enable the firewall record again.

HSorgYves 23rd April 2013 02:17

I think 3) is not needed. But anyway, the ufw version must be 0.30 or newer (@Till: why?) and thus the default package of Debian Squeeze cannot be used.

JeffryL 2nd December 2013 18:31

If I follow these steps without step 3 I'm no longer able to connect through ssh despite this port is set to be open. Or could it be that fail2ban is not working correctly with ufw?

I will try to change with performing step 3.

By the way. If you change your server firewall and the state within one update cycle of ISPConfig i.e. in a short period it will first update the firewall status and then the server config. So if you change from Bastille to UWF and you switch it off and wait (until the job queue is finished). And then change the config en status it will activate Bastille again instead of UWF. Bottom line… wait until the server config is updated and then change firewall status.

JeffryL 2nd December 2013 18:48

Ok, i ran the updater like step 3 mentioned but it does not seem to configure ufw. Only Bastille is mentioned while reconfiguring.

I switched off fail2ban as well (beforehand), but still I'm not able to connect through SSH after enabling UFW. Same settings with Bastille work fine.

Multiserver Ubuntu setup btw.


All times are GMT +2. The time now is 08:09.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.