Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 2nd June 2010, 18:51
SupuS SupuS is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 201
Thanks: 68
Thanked 13 Times in 11 Posts
Default Problem with bastille firewall on OVH RPS servers

Hi all,

I cannot use Bastille firewall on OVH RPS servers. After enabling firewall rule server becomes unavailable. After manual reboot is server reachable again but in aproximately 20 minutes later server becomes unavailable again even if I delete all firewal rules. I suppose that some cron job try switch on firewall.

Has anybody same experiences or solution?

Thanks for any suggestion

SupuS
Reply With Quote
Sponsored Links
  #2  
Old 2nd June 2010, 20:32
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,502
Thanks: 813
Thanked 5,264 Times in 4,128 Posts
Default

Quote:
I suppose that some cron job try switch on firewall.
There is no such cronjob in ISPConfig 3. But maybe some other cronjob on your server does this. You can e.g. try to disable the firewall with e.g. update-rc.d on Debian and Ubuntu.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 2nd June 2010, 22:06
SupuS SupuS is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 201
Thanks: 68
Thanked 13 Times in 11 Posts
Default

Quote:
Originally Posted by till View Post
There is no such cronjob in ISPConfig 3. But maybe some other cronjob on your server does this. You can e.g. try to disable the firewall with e.g. update-rc.d on Debian and Ubuntu.
Hi till

server works well until I insert new firewall rule. After reboot it freeze if I start or restart bastille or wait for 20 minutes.

Last line in the syslog is:

Code:
/USR/SBIN/CRON[13513]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log
I tested firewall in ISPConfig 3 installed in virtualbox and it was without problem. Maybe is there some problem with kernel from OVH?

SupuS
Reply With Quote
  #4  
Old 2nd June 2010, 22:11
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,502
Thanks: 813
Thanked 5,264 Times in 4,128 Posts
Default

I dont think that its a kernel problem. Most likely the ethernet card has a different name (not eth...). Please post the output of:

ifconfig
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 2nd June 2010, 22:21
SupuS SupuS is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 201
Thanks: 68
Thanked 13 Times in 11 Posts
Default

Quote:
Originally Posted by till View Post
I dont think that its a kernel problem. Most likely the ethernet card has a different name (not eth...). Please post the output of:

ifconfig
Code:
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:23:54:1b:47:1a  
          inet addr:xxx.23.20.97  Bcast:xxx.23.20.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1238054 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1776408 errors:0 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:1000 
          RX bytes:582459034 (582.4 MB)  TX bytes:1876881032 (1.8 GB)

eth0:0    Link encap:Ethernet  HWaddr 00:23:54:1b:47:1a  
          inet addr:yyy.98.138.163  Bcast:yyy.255.255.255  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:7249 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7249 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:662492 (662.4 KB)  TX bytes:662492 (662.4 KB)
I use yyy.98.138.163 .. it is IP FailOver .. can be transfered to other server

Last edited by SupuS; 2nd June 2010 at 22:23.
Reply With Quote
  #6  
Old 2nd June 2010, 22:23
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,502
Thanks: 813
Thanked 5,264 Times in 4,128 Posts
Default

Ok. Thats fine, so its not a problem with the name of the network card interface.

Which Linux distribution is this?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 2nd June 2010, 22:28
SupuS SupuS is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 201
Thanks: 68
Thanked 13 Times in 11 Posts
Default

Quote:
Originally Posted by till View Post
Ok. Thats fine, so its not a problem with the name of the network card interface.

Which Linux distribution is this?
It is Ubuntu 9.04 but I tested also Debian Lenny with ISPConfig 3 preinstalled by OVH and there was the same problem.
Reply With Quote
  #8  
Old 2nd June 2010, 22:36
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,502
Thanks: 813
Thanked 5,264 Times in 4,128 Posts
Default

Then there must be some kind of incompatibility with the bastille firewall. Please disable the start of the firewall at boot by running:

update-rc.d -f bastille-firewall remove

and then remove the firewall record in ispconfig or set it to inactive.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #9  
Old 2nd June 2010, 22:47
SupuS SupuS is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 201
Thanks: 68
Thanked 13 Times in 11 Posts
Default

Quote:
Originally Posted by till View Post
Then there must be some kind of incompatibility with the bastille firewall. Please disable the start of the firewall at boot by running:

update-rc.d -f bastille-firewall remove

and then remove the firewall record in ispconfig or set it to inactive.
I disable start of bastille for now and I wrote to OVH technicians about this problem .. maybe they will find where is the problem.

Thanks for reply till
Reply With Quote
  #10  
Old 3rd June 2010, 12:49
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,502
Thanks: 813
Thanked 5,264 Times in 4,128 Posts
 
Default

One idea reagarding this issue came to my mind. Arent the OVH servers using a harddisk that is attached from a storage area network instead of a local harddisk? In that case, you might have to open a port in the firewall to enable access to then SAN as well.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
postfix problems with smtp linkdeb Server Operation 13 15th March 2014 17:58
sending e-mail using mail() function linuxuser1 HOWTO-Related Questions 38 21st April 2009 12:20
FTP very slow in LAN, "fast" from WAN-> Firewall problem? Pasco Server Operation 6 7th March 2006 15:17
Firewall problem davidg Installation/Configuration 4 14th August 2005 13:15
Problem opening firewall port weedguy General 15 12th August 2005 01:05


All times are GMT +2. The time now is 16:04.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.