Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General
Reload this Page correct way of blocking an IP using Bastille Firewall
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 25th January 2011, 12:18
florix.net florix.net is offline
Member
  
Join Date: Oct 2010
Posts: 38
Thanks: 4
Thanked 0 Times in 0 Posts
Default correct way of blocking an IP using Bastille Firewall
How can I block an IP or range of IP address using Bastille Firewall?

I am using ISPConfig 3 on centos 5.5

Richard
Reply With Quote
Sponsored Links
  #2  
Old 25th January 2011, 13:17
till till is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,872
Thanks: 689
Thanked 4,184 Times in 3,202 Posts
Default
The bastille Firewall is used to open / close ports on your server. If you want to block a IP, I would use the route command. See ISPConfig FAQ:

http://www.faqforge.com/linux/how-to...ress-on-linux/
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 25th January 2011, 16:32
mini14 mini14 is offline
Member
  
Join Date: Oct 2010
Posts: 66
Thanks: 2
Thanked 2 Times in 2 Posts
Default
Hi Till,

Using "man route" in Centos shows
Code:
reject install a blocking route, which will force a route lookup to fail.  This is for example used to mask out net-
              works before using the default route.  This is NOT for firewalling.
Why they say "not for firewalling" I'm not sure...but instead of that, I've been adding IP's to block to my pre-chain-split.sh file in the /etc/Bastille/firewall.d directory (ISPConfig2) and it works great.

For example to block a class C add the following:

iptables -A INPUT -s 123.456.789.0/24 -j DROP

and then restart Bastille: /etc/init.d/bastille-firewall restart

Hope this helps!
Reply With Quote
  #4  
Old 26th January 2011, 00:34
florix.net florix.net is offline
Member
  
Join Date: Oct 2010
Posts: 38
Thanks: 4
Thanked 0 Times in 0 Posts
Default
Hi,


I do not see that file under ISPConfig 3 .. please let me know.

If I add the rules using command line, and if server restarts, will those rules be applicable?

Richard
Reply With Quote
  #5  
Old 16th February 2011, 20:59
8omas 8omas is offline
Senior Member
  
Join Date: Jan 2011
Posts: 139
Thanks: 16
Thanked 33 Times in 25 Posts
 
Default
If we want to use iptables, how can we add our own rules after the bastille rules applied?

Is there any file that we can paste our 'after' rules?
My solution so far is to use /etc/rc.local but is it ok?

I am using debian 6, Ispconfig 3.0.3.2
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with bastille firewall on OVH RPS servers SupuS Installation/Configuration 12 3rd June 2010 16:20
Bastille Firewall problems itsnedkeren General 7 2nd May 2010 22:55
ISPconfig firewall blocking outgoing connections aglenday General 6 2nd August 2009 12:11
ISPConfig Firewall Bastille udp port range stefanr Installation/Configuration 6 31st January 2008 17:45
bastille firewall help needed daveb Server Operation 2 28th March 2007 20:27


All times are GMT +2. The time now is 14:02.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.