#1  
Old 10th December 2005, 23:01
dwyoung dwyoung is offline
Junior Member
 
Join Date: Dec 2005
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default ISPConfig firewall issue

I recently setup a server using the FC4 Perfect Setup tutorial. I've got things up and running with my website and ISPConfig, but when I try to turn on the firewall on my website is no longer reachable from the internet. If I turn the firewall off again and browse for my website it comes up with no problem.

According to my firewall rules, port 80 is open so I'm puzzled as to what is going on here. Here's the output of iptables -L:

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere

Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain PAROLE (9 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dpt:81
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:10000
ACCEPT udp -- anywhere anywhere udp dpt:domain
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (3 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Reply With Quote
Sponsored Links
  #2  
Old 10th December 2005, 23:46
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,736
Thanks: 840
Thanked 5,596 Times in 4,407 Posts
Default

Do you use "your" firewall or the ISPCOnfig firewall? If you want to use an other firewall then the ISPConfig firewall, you must deactivate the ISPConfig firewall first under Management > Server > Services
Reply With Quote
  #3  
Old 10th December 2005, 23:50
dwyoung dwyoung is offline
Junior Member
 
Join Date: Dec 2005
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I want to use the ISPConfig firewall. I did not install the firewall that comes with Fedora Core 4 when I installed my operating system.
Reply With Quote
  #4  
Old 11th December 2005, 15:07
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Is your server connected directly to the internet, or is it in some kind of local network behind a router?
Did you change the Apache configuration so that it uses another port than 80?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 12th December 2005, 02:07
dwyoung dwyoung is offline
Junior Member
 
Join Date: Dec 2005
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

My server is connected to the internet through a wireless router. I have port forwarding configured on the router to forward port 80 to my server. ISPConfig is currently using port 81. All of this seems to play nicely and the webserver works just how it's supposed to until I turn the firewall on and then I can no longer access my website.
Reply With Quote
  #6  
Old 12th December 2005, 11:26
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
 
Default

Can you post the output of
Code:
ifconfig
and
Code:
iptables -L
(when the firewall is turned on)?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig configuration or ipcop firewall being the cuase of trouble? AZMel Installation/Configuration 6 15th March 2006 01:20
I need a suitable firewall. agul Server Operation 4 23rd November 2005 01:12
MySQL issue during install of ISPConfig ricbax Installation/Configuration 4 16th September 2005 10:41
ISPConfig Firewall and no sense MyLinux General 7 9th September 2005 18:35
Firewall and ISPConfig MyLinux General 3 7th September 2005 10:36


All times are GMT +2. The time now is 22:25.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.