#1  
Old 14th March 2010, 21:19
Toucan Toucan is offline
Senior Member
 
Join Date: Dec 2009
Posts: 478
Thanks: 78
Thanked 39 Times in 33 Posts
Default Open and Close ports

I'm running ISPConfig3 on debian as per the perfect guide and today did the updrade (which went perfectly!)

Up until now, I've had my router forwarding all ports to that one server. I appreciate this isn't very good for security and as such would like to only forward the ports necessary. I've made no custom changes to my system.

Which ports do I need fowarded?
8080 for the control panel
2812 for monit
80 for apache web server
21 for FTP
22 for the remote shell? (is that right?)

Are there any others that I've not thought of?


Also someone on my network keeps downloading torrents that I'd like to block as they are affecting the my services. I think they work on the 6000s. If i block them outbound and inbound will it have any affect on my web services?
Reply With Quote
Sponsored Links
  #2  
Old 14th March 2010, 23:29
Fantu Fantu is offline
Junior Member
 
Join Date: Nov 2007
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

22 standard for ssh ok
there are also (if you use, if not not open):
443 for https
3306 for mysql if you have to access from remote
25 smtp
465 smtp ssl/tls
110 pop3
995 pop3 ssl
53 dns
143 imap
Reply With Quote
  #3  
Old 16th March 2010, 20:59
Toucan Toucan is offline
Senior Member
 
Join Date: Dec 2009
Posts: 478
Thanks: 78
Thanked 39 Times in 33 Posts
Default

SSH and web serving went well but I had a problem connect the mail services.

I used the following inbound table settings:

! Service Name Filter LAN Server IP Address LAN Users WAN Users Destination Bandwidth Profile Log
admin Allow Always 192.168.0.1 ANY ADSL NONE Never
ANY Allow Always 192.168.0.100 ANY ADSL NONE Never
DNS:UDP Allow Always 192.168.0.100 ANY ADSL NONE Never
DNS:TCP Allow Always 192.168.0.100 ANY ADSL NONE Never
SSH:TCP Allow Always 192.168.0.100 ANY ADSL NONE Never
SSH:UDP Allow Always 192.168.0.100 ANY ADSL NONE Never
ISPConfig Cpanel Allow Always 192.168.0.100 ANY ADSL NONE Never
Monit Allow Always 192.168.0.100 ANY ADSL NONE Never
HTTP Allow Always 192.168.0.100 ANY ADSL NONE Never
FTP Allow Always 192.168.0.100 ANY ADSL NONE Never
HTTPS Allow Always 192.168.0.100 ANY ADSL NONE Never
mysql Allow Always 192.168.0.100 ANY ADSL NONE Never
SMTP Allow Always 192.168.0.100 ANY ADSL NONE Never
smtp SSL Allow Always 192.168.0.100 ANY ADSL NONE Never
POP3 Allow Always 192.168.0.100 ANY ADSL NONE Never
POP3 SSL Allow Always 192.168.0.100 ANY ADSL NONE Never
IMAP2 Allow Always 192.168.0.100 ANY ADSL NONE Never
IMAP3 Allow Always 192.168.0.100 ANY ADSL NONE Never
SMTP Custom Allow Always 192.168.0.100 ANY ADSL NONE Never
POP3 Custom Allow Always 192.168.0.100 ANY ADSL NONE Never
imap Allow Always 192.168.0.100 ANY ADSL NONE Never


I set the imap and pop services to TCP, is that right?
Reply With Quote
  #4  
Old 16th March 2010, 21:07
Fantu Fantu is offline
Junior Member
 
Join Date: Nov 2007
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

yes, tcp, but the problem can also be other and not firewall
Reply With Quote
  #5  
Old 16th March 2010, 21:19
Toucan Toucan is offline
Senior Member
 
Join Date: Dec 2009
Posts: 478
Thanks: 78
Thanked 39 Times in 33 Posts
Default

I'm not sure I follow.

When I set all ports to foward to that 1 lan ip address all services work fine. When I close it down to the ports listed the mail service stops working.

Where else could the problem be? The only thing I can think of is my mail services don't work on the one you listed.

Is there a command I can run to find out what ports are being used?
Reply With Quote
  #6  
Old 21st March 2010, 13:02
Toucan Toucan is offline
Senior Member
 
Join Date: Dec 2009
Posts: 478
Thanks: 78
Thanked 39 Times in 33 Posts
Default

Can anyone tell me how I find out what port my mail server is using so I can set up port forwarding from the router please?
Reply With Quote
  #7  
Old 21st March 2010, 13:04
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,717
Thanks: 820
Thanked 5,322 Times in 4,175 Posts
Default

The mail server ports are standard, so every servers uses the same ports, see here for a list of email ports:

http://www.emailaddressmanager.com/t...l-servers.html
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
Toucan (21st March 2010)
  #8  
Old 21st March 2010, 23:12
Toucan Toucan is offline
Senior Member
 
Join Date: Dec 2009
Posts: 478
Thanks: 78
Thanked 39 Times in 33 Posts
 
Default Solved

Quote:
Originally Posted by till View Post
The mail server ports are standard, so every servers uses the same ports, see here for a list of email ports:

http://www.emailaddressmanager.com/t...l-servers.html
Till,

Thanks for that, it sorted it!

Ta
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3.0.1.4 causes Apache to have too many open files gkovacs Installation/Configuration 29 27th February 2013 08:59
Open Ports Salam Installation/Configuration 1 7th February 2008 11:31
So close to getting 3D on my ATI graphics card, please help me finish thirtythree HOWTO-Related Questions 6 27th September 2007 22:04
Close All Port Using Iptables !! pinguingilo Installation/Configuration 3 4th July 2006 06:08
Firewall won't open or close ports Scarecrow Installation/Configuration 1 14th February 2006 09:05


All times are GMT +2. The time now is 15:57.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.