IPSConfig 3 and firewall

Discussion in 'Installation/Configuration' started by momo1240, Sep 16, 2013.

  1. momo1240

    momo1240 Member

    Hello,
    hope someone can help me.
    I have some questions about firewall on ispconfig panel
    I installed a new service with a specific port (for example 4408)
    but I didn't authorize this port on the firewall in the ispconfig panel but I have access to this service.
    While normally to use this port, I must add it on the firewall port list

    thanks for your help
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Then you either tried to access it trough localhost (were firewalls dont apply) or the firewall is notstarted. you can see the firewall rules with:

    iptables -L
     
  3. momo1240

    momo1240 Member

    ispconfig firewall

    Thanks for your help till,
    with iptables -L I have this, are all ports open ?

    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
    fail2ban-pureftpd tcp -- anywhere anywhere multiport dports ftp
    fail2ban-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Chain fail2ban-dovecot-pop3imap (1 references)
    target prot opt source destination
    RETURN all -- anywhere anywhere

    Chain fail2ban-pureftpd (1 references)
    target prot opt source destination
    RETURN all -- anywhere anywhere

    Chain fail2ban-ssh (1 references)
    target prot opt source destination
    RETURN all -- anywhere anywhere
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, there is currently no firewall started.

    Normally you wont need a firewall on your server as it should run only the services that shall be accessible from outside anyway. Only if you install additional sevices which shall not be accessed, then it makes sense to install and start the firewall. E.g. if you install your server as described in the perfects etup guide, then you dont need a firewall as all services that are listeing on the external network interface shall be accessible.
     
  5. momo1240

    momo1240 Member

    ispconfig firewall

    Hi till
    thanks again for your help
    I juste have a last question
    In default configuration of ispconfig, is Bastille Firewall runnig or not?
    cause I just restart it and it tell me that there is no file on /sbin/ipchains
    thanks again
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Bastille is installed but not running (you see that in ispconfig, the firewall list is empty) as there is no firewall required in the default installation.
     

Share This Page