There seems to be a big problem with /etc/Bastille/bastille-firewall.cfg after the update from version 220.127.116.11. I have a debian lenny perfect setup running on a strato vServer.
When I change the ports in the web interface and activate the firewall the ports are correctely stored in the database as I can see in phpmyadmin:
But since the update bastille-firewall.cfg is not beeing updated correctly (before it was, exept the error described below). Now it's even worse: Insted of setting
TCP_PUBLIC_SERVICES="20 21 22 25 53 80 443 995 3306 8081 40000:40020"
UDP_PUBLIC_SERVICES="53 3306 40000:40020"
the script sets
which would have made the server unreachable if I hadn't been logged in into ssh while doing that.
The only possibility I found at the moment, is correcting bastille-firewall.cfg manually.
I mainly updated because of the misssing possibility to insert port ranges in the firewall configuration (web interface) in style of "40000:40020" as for example needed for passive ftp mode with pureFTP.
As stated e.g. in http://www.howtoforge.com/forums/showthread.php?t=14259
there has been a bug with the length of the firewall port field in dbispconfig, which should be fixed now or already in the former version (?), but for me it diddn't work (the ":XXXXX" was always croped as e.g. already described here: http://www.howtoforge.com/forums/showthread.php?t=35411
). But now it's even worse as stated above.
Any ideas how to fix this?
Meanwhile I found a suitable "hotfix" for the problem. Details here: http://www.howtoforge.com/forums/showthread.php?t=37678