#1  
Old 11th May 2013, 11:12
ob1kenobi ob1kenobi is offline
Junior Member
 
Join Date: May 2013
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default ISPConfig 3 firewall problem

Hi everybody,

Just new to the forums and to ISPConfig.

I was just setting up my new dedicated box following the perfect wheezy server guide.

I managed to get everything working but when enabled ufw as firewall, ISPConfig interface stoped responding. To make things worse I dont use default port in sshd. I know it sounds like I am been locked out, but I thought that I could revert changes through ISPConfig interface.

Any ideas why this is happening?
Reply With Quote
Sponsored Links
  #2  
Old 11th May 2013, 22:01
tahunasky tahunasky is offline
Member
 
Join Date: Jul 2012
Location: Buenos Aires
Posts: 84
Thanks: 1
Thanked 8 Times in 8 Posts
Default

I am guessing the firewall rules that IPSConfig setup have been over written.

You will need to change the firewall settings on the server and to open up the ports needed by IPSConfig and SSH. If ssh is blocked, you will need to do this at the server using keyboard and monitor.

iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT -p tcp --dport 22 -j ACCEPT

The above commands will only open up the ports until next reboot, so you will need to edit the script that sets up the firewall at boot.
Reply With Quote
  #3  
Old 11th May 2013, 22:13
ob1kenobi ob1kenobi is offline
Junior Member
 
Join Date: May 2013
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

The thing is that http & https is blocked rendering ISPConfig interface useless and not allowing me to change firewall setup within ISPConfig
What makes it even stranger is that when I configured ufw from the command line I allowed http and https and when I enabled it through ISPConfig the default setup is allowing http and https as well.

So when was it blocked? something is missing here...

Anyhow thank you for you reply, unfortunately keyboard and monitor are not available...
Reply With Quote
  #4  
Old 11th May 2013, 22:58
tahunasky tahunasky is offline
Member
 
Join Date: Jul 2012
Location: Buenos Aires
Posts: 84
Thanks: 1
Thanked 8 Times in 8 Posts
Default

Unless i could see the rules that have been setup i can't tell you what is blocking what.

Basically once you have setup a firewall script and saved it, and it is blocking ssh/http/https the only way to get into the server is with keyboard and monitor.

You should only have one firewall script running, and because you are using ISPConfig to manage your server you should stay with that.

I know this is not much help now, but what i always do when i am playing around with a firewall on a remote system is setup a cron job script that will reset/flush the firewall rules and open all ports every 5 mins, so if i stuff up something i just have to wait 5 mins for access - and even though i have been using iptables for years now on servers and routers i still stuff it up from time to time.

Last edited by tahunasky; 11th May 2013 at 23:01.
Reply With Quote
  #5  
Old 12th May 2013, 09:51
ob1kenobi ob1kenobi is offline
Junior Member
 
Join Date: May 2013
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

The idea witht the cron job is pretty smart, never had thought about it.
Anyhow box is up and running..

thanks for your time.
Reply With Quote
Reply

Bookmarks

Tags
bastille, firewall, ufw

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Relay access denied when using SMTP to external recipients Kamran Shah Installation/Configuration 111 14th May 2014 18:10
No dns zone files created? sjau Installation/Configuration 7 13th March 2012 13:15
All files gone after changing quota to 0 spynode General 17 19th January 2012 14:41
Sending email issue lezelf Installation/Configuration 15 9th August 2011 11:20
Loads of mysql connections to dbispconfig StrikerNL General 2 5th March 2009 14:31


All times are GMT +2. The time now is 04:55.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.