#1  
Old 26th March 2013, 17:44
sheshes sheshes is offline
Senior Member
 
Join Date: Aug 2009
Location: Nicosia
Posts: 123
Thanks: 2
Thanked 0 Times in 0 Posts
Default ISPconfig 3 Bastille Firewall

I have noticed that Bastille Firewall is throwing up some errors.


/sbin/bastille-ipchains: line 228: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 230: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 232: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 234: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 236: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 238: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 247: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 248: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 254: /sbin/ipchains: No such file or directory
Setting up IP spoofing protection... done.
Allowing traffic from trusted interfaces.../sbin/bastille-ipchains: line 279: /sbin/ipchains: No such file or directory
done.
/sbin/bastille-ipchains: line 293: /sbin/ipchains: No such file or directory
Setting up chains for public/internal interface traffic.../sbin/bastille-ipchains: line 336: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 338: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 341: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 343: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 347: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 349: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 352: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 354: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
done.
Setting up general rules.../sbin/bastille-ipchains: line 433: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 433: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 441: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 442: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 469: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 487: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 500: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 504: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 487: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 500: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 504: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
done.
Setting up outbound rules.../sbin/bastille-ipchains: line 566: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 566: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 580: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 586: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 587: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 592: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 592: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 596: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 596: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
/sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
done.

Also the output of iptables -L is


Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Which shows that no rules are applied.

I have everything setup in ISPconfig 3 control panel and the firewall record is there. Is this normal? Shouldn't bastille firewall be running normally?
Reply With Quote
Sponsored Links
  #2  
Old 27th March 2013, 18:26
sheshes sheshes is offline
Senior Member
 
Join Date: Aug 2009
Location: Nicosia
Posts: 123
Thanks: 2
Thanked 0 Times in 0 Posts
 
Default

The errors are fixed after following falko's previous thread, but can someone explain if bastille-firewall is getting correct information from ISPconfig 3 or if additional effort needs to be applied to configure the firewall properly.

The output of iptables -L after succesfully running bastille-firewall without errors is as follows.

Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- base-address.mcast.net/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain PAROLE (13 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (5 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:imap2
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:mysql
PAROLE tcp -- anywhere anywhere tcp dpt:http-alt
PAROLE tcp -- anywhere anywhere tcp dpt:8181
PAROLE tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:mysql
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (5 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Version 1.3 of the ISPConfig 3 Manual is finally available! falko General 44 2nd December 2011 13:04
Problem on Bastille firewall with CentOS 6.0 and ispconfig 3.0.3.3 themark Installation/Configuration 5 19th October 2011 13:57
Loads of mysql connections to dbispconfig StrikerNL General 2 5th March 2009 15:31
ISPConfig Firewall Bastille udp port range stefanr Installation/Configuration 6 31st January 2008 18:45
firewall in ISPConfig warrior Installation/Configuration 5 28th March 2007 09:06


All times are GMT +2. The time now is 01:28.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.