Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 19th April 2013, 10:41
theWeird theWeird is offline
Member
 
Join Date: Nov 2009
Posts: 61
Thanks: 10
Thanked 6 Times in 5 Posts
Default Changing from bastille to UFW

I am working on getting my servers and VMs IPv6 ready.
Because bastille does not support IPv6 I have to change to UFW which should be supportet by 3.0.5.

Which steps do I have to proceed to successfully replace bastille with UFW and getting it updated by ISPConfig?
Reply With Quote
Sponsored Links
  #2  
Old 19th April 2013, 14:52
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 34,609
Thanks: 792
Thanked 4,986 Times in 3,905 Posts
Default

I havent tested this, but it should work like this:

1) disable the firwall record in ispconfig to stop bastille.
2) Install ufw
3) run a ispconfig update with reconfigure services
4) set firewall type to ufw in ispconfig and enable the firewall record again.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 23rd April 2013, 01:17
HSorgYves HSorgYves is offline
Junior Member
 
Join Date: Nov 2005
Posts: 17
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I think 3) is not needed. But anyway, the ufw version must be 0.30 or newer (@Till: why?) and thus the default package of Debian Squeeze cannot be used.
Reply With Quote
  #4  
Old 2nd December 2013, 17:31
JeffryL JeffryL is offline
Member
 
Join Date: Apr 2011
Posts: 35
Thanks: 9
Thanked 0 Times in 0 Posts
Default

If I follow these steps without step 3 I'm no longer able to connect through ssh despite this port is set to be open. Or could it be that fail2ban is not working correctly with ufw?

I will try to change with performing step 3.

By the way. If you change your server firewall and the state within one update cycle of ISPConfig i.e. in a short period it will first update the firewall status and then the server config. So if you change from Bastille to UWF and you switch it off and wait (until the job queue is finished). And then change the config en status it will activate Bastille again instead of UWF. Bottom line wait until the server config is updated and then change firewall status.
Reply With Quote
  #5  
Old 2nd December 2013, 17:48
JeffryL JeffryL is offline
Member
 
Join Date: Apr 2011
Posts: 35
Thanks: 9
Thanked 0 Times in 0 Posts
 
Default

Ok, i ran the updater like step 3 mentioned but it does not seem to configure ufw. Only Bastille is mentioned while reconfiguring.

I switched off fail2ban as well (beforehand), but still I'm not able to connect through SSH after enabling UFW. Same settings with Bastille work fine.

Multiserver Ubuntu setup btw.

Last edited by JeffryL; 2nd December 2013 at 18:06.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
bastille to ufw HSorgYves Installation/Configuration 0 5th April 2013 21:33
Bastille on Debian squeeze Davide Installation/Configuration 12 12th April 2012 14:07
Bastille Firewall problems itsnedkeren General 7 2nd May 2010 22:55
chgrp error new user DKA General 15 28th July 2008 17:45


All times are GMT +2. The time now is 09:39.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.