#1  
Old 3rd March 2009, 01:25
weldpua2008 weldpua2008 is offline
Junior Member
 
Join Date: Feb 2009
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default ispconfig3 & Firewall

Hello
I use Debian 5.0 lenny. Whan I activated default firewall rule in ISPconfig 3.0.0.9 I can't able more to get any data via http/ftp proto (apt-get update/ apt-get install ) , ping...
I find that ISPconfig use /etc/init.d/bastille-firewall and /etc/Bastille/bastille-firewall.cfg .
Where I can find how to write rule into ISPconfig3? (I need see answer in sources?)

I've run ispconfig on VPS, and can limit user root to connect any sites, except site's with updates useing:
-m owner option for iptables
For security reasons deny for php-cgi/apache/modphp access to network(for upload shell), except when client's need use external support.
Allow for chroot-ssh users upload files.
Reply With Quote
Sponsored Links
  #2  
Old 3rd March 2009, 12:21
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,486
Thanks: 813
Thanked 5,256 Times in 4,121 Posts
Default

The ISPConfig firewall does not block any outgoing connections, it blocks only incomming connections. If you need a more fine grained control, you can use any other firewall you like on a ispconfig server.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 3rd March 2009, 23:17
weldpua2008 weldpua2008 is offline
Junior Member
 
Join Date: Feb 2009
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till View Post
The ISPConfig firewall does not block any outgoing connections, it blocks only incoming connections. If you need a more fine grained control, you can use any other firewall you like on a ispconfig server.
I don't want change firewall. I want do some work-around changes to 100% support ISPconfig3 new releases.May be add some template, which may need by other user's, that's way I want know more about firewall use.
Reply With Quote
  #4  
Old 4th March 2009, 18:40
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
Default

How do I disable the iptables rules used by ispconfig? or how would I change them? Munin has been blocked.... on port 4949
Reply With Quote
  #5  
Old 4th March 2009, 22:44
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,486
Thanks: 813
Thanked 5,256 Times in 4,121 Posts
Default

There is no need to change any rules manually. Just add port 4949 to the port list of the firewall in the ispconfig interface.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 21st March 2009, 08:05
rexroy rexroy is offline
Junior Member
 
Join Date: Mar 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi, I am new to ISPconfig and currently testing ISPconfig 3 on Debian 5.0. I would like to implement NAT between my openvpn network and internet. Where can I edit iptables firewall rules to perform this? I even duno where is the config file for iptables, which is controlled by ISPconfig firewall function. Please help! Thanks,
Reply With Quote
  #7  
Old 22nd March 2009, 14:37
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

I think the firewall configuration is in /etc/Bastille/bastille-firewall.cfg.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
High Availability (Load Balancing) behind a firewall geek.de.nz Server Operation 7 4th January 2011 13:58
Running customised firewall script -RHEL 4 sud.tech Technical 0 12th June 2008 15:17
firewall scripts error in RHEL 4 sud.tech Technical 1 6th June 2008 11:22
ISP Services firewall page ustoopia Feature Requests 2 17th July 2007 18:39
I need a suitable firewall. agul Server Operation 4 23rd November 2005 00:12


All times are GMT +2. The time now is 03:47.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.