Firewall not installed by default?

Discussion in 'Installation/Configuration' started by Romoku, Jul 15, 2010.

  1. Romoku

    Romoku New Member

    After doing some searching I figured out the firewall wasn't installed by default and I just want someone to check that I installed it alright.

    I read in the comments section of the debian lenny guide to use

    Code:
    # apt-get install bastille -y
    To install the firewall. I kept the already installed script from ispconfig. I got a weird error from psad

    Code:
    ERR: Syslog has not been configured to send messages to /var/lib/psad/psadfifo. Please configure it as described in psad(8).
    So I googled it and found basic lowdown and the way to debug psad.

    I used
    Code:
    # echo -e ’kern.info\t|/var/lib/psad/psadfifo’ >> /etc/syslog.conf
    To fix the original error and I edited the /etc/psad/psad.conf

    Code:
    EMAIL_ADDRESSES <myemailaddress>;

HOSTNAME                    <myhostname>;

SYSLOG_DAEMON               rsyslogd;

### Only send email alert if danger level >= to this value.
EMAIL_ALERT_DANGER_LEVEL    3;
    I went back into my ispconfig 3 webface and deleted the rule and remade.

    Open TCP ports: 20,21,22,25,53,80,110,143,443,3306,8080,10000
    Open UDP ports: 53,3306

    and now my 'iptables -L'

    Code:
    administrator@web1:~$ sudo iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       tcp  --  anywhere             loopback/8
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  BASE-ADDRESS.MCAST.NET/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PAROLE (12 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (4 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:domain
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:imap2
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:mysql
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:http-alt
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:webmin
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            udp dpt:mysql
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain fail2ban-ssh (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
    Do the iptables look alright? I'm not very experienced in the lingo, yet.
     
    Romoku, Jul 15, 2010
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig comes with its own copy of bastille. Please do not install it with apt, it will corrupt the firewall setup from ISPConfig!

    You can enable the firewall by creating a firewall record in ispconfig under system.
     
    till, Jul 15, 2010
    #2

Share This Page