bastille issue.

Discussion in 'Installation/Configuration' started by ozgurerdogan, Feb 25, 2014.

  1. ozgurerdogan

    ozgurerdogan New Member

    After spending 4 hours, I found that doing;
    /sbin/bastille-netfilter stop
    made outgoing mails sent and dns resolve worked fine.

    I am new to ispconfig. Where do I control firewall? In system setting I tried enabling firewall and added all needed port but after just
    /sbin/bastille-netfilter start
    then outgoing mails and dns issue comes back again.

    What do you suggest? I am not sure if /sbin/bastille-netfilter default state is start or not.
  2. srijan

    srijan New Member HowtoForge Supporter


    As per explained by you, I can suggest that you can have only one Firewall record in ISPConfig, please check that any oher Firewall record is created. DO you have any other firwall also installed??

    Select the loglevel for the ISPConfig log (under Monitor > System State (All
    Servers) > Show System-Log).

    • Debug: This loglevel will log all output from ISPConfig, including warnings and errors. As the name
    says, this is usefull for debugging.
    • Warnings: This loglevel will log ISPConfig warnings and errors.
    • Errors: This loglevel will just log ISPConfig errors. Recommended for production systems.

    Please enable the basetille & check the logs & paste the Logs so that we can analyse the log.


  3. till

    till Super Moderator Staff Member ISPConfig Developer

    Is this a virtual server or "real" server? iptables based firewalls like bastille may not work correctly on virtual server that use openvz / virtuozzo. In general, you dont bneed a firewall when you instaled your server as described in the perfect setup guide as your server will run only servies then that shall be accessible from outside anyway.
  4. ozgurerdogan

    ozgurerdogan New Member

    I did not install any firewall. It is just a default perfect install.

    Yes this is a openvz. So I do not need a firewall?
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    You dont need a firewall to close ports when you run only that software that shall be accessible from outside. Blocking ports with a firewall were no service is running makes no sense. On openvz, you cant use a firewall anyway as it will interfere with the host system.
  6. ozgurerdogan

    ozgurerdogan New Member

    I see. It would be good idea to note that in install guide I guess. Can I unintalled builtin firewall for future issues.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    The install guide did not instruct you to activate the firewall. The install guide contains all steps that you should do to install the server, so if it has no step that tells you to turn on the firewall, then its not nescessary.

    no need to uninstall it, just deactivate it again in ispconfig.
  8. ozgurerdogan

    ozgurerdogan New Member

    Not sure but even I deactivated it I had to run /sbin/bastille-netfilter stop manually.

    Anywall I will leave it so and see.

Share This Page