ISPconfig 3 Bastille Firewall

Discussion in 'Installation/Configuration' started by sheshes, Mar 26, 2013.

  1. sheshes

    sheshes New Member

    I have noticed that Bastille Firewall is throwing up some errors.


    /sbin/bastille-ipchains: line 228: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 230: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 232: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 234: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 236: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 238: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 247: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 248: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 254: /sbin/ipchains: No such file or directory
    Setting up IP spoofing protection... done.
    Allowing traffic from trusted interfaces.../sbin/bastille-ipchains: line 279: /sbin/ipchains: No such file or directory
    done.
    /sbin/bastille-ipchains: line 293: /sbin/ipchains: No such file or directory
    Setting up chains for public/internal interface traffic.../sbin/bastille-ipchains: line 336: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 338: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 341: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 343: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 347: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 349: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 352: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 354: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 376: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 377: /sbin/ipchains: No such file or directory
    done.
    Setting up general rules.../sbin/bastille-ipchains: line 433: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 433: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 441: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 442: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 459: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 464: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 469: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 487: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 500: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 504: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 487: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 494: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 500: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 504: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 533: /sbin/ipchains: No such file or directory
    done.
    Setting up outbound rules.../sbin/bastille-ipchains: line 566: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 566: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 580: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 586: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 587: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 592: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 592: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 596: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 596: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
    /sbin/bastille-ipchains: line 600: /sbin/ipchains: No such file or directory
    done.

    Also the output of iptables -L is


    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Which shows that no rules are applied.

    I have everything setup in ISPconfig 3 control panel and the firewall record is there. Is this normal? Shouldn't bastille firewall be running normally?
     
  2. sheshes

    sheshes New Member

    The errors are fixed after following falko's previous thread, but can someone explain if bastille-firewall is getting correct information from ISPconfig 3 or if additional effort needs to be applied to configure the firewall properly.

    The output of iptables -L after succesfully running bastille-firewall without errors is as follows.

    Chain INPUT (policy DROP)
    target prot opt source destination
    DROP tcp -- anywhere 127.0.0.0/8
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT all -- anywhere anywhere
    DROP all -- base-address.mcast.net/4 anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    DROP all -- anywhere anywhere

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere

    Chain INT_IN (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain INT_OUT (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    ACCEPT all -- anywhere anywhere

    Chain PAROLE (13 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere

    Chain PUB_IN (5 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
    ACCEPT icmp -- anywhere anywhere icmp echo-reply
    ACCEPT icmp -- anywhere anywhere icmp time-exceeded
    ACCEPT icmp -- anywhere anywhere icmp echo-request
    PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data
    PAROLE tcp -- anywhere anywhere tcp dpt:ftp
    PAROLE tcp -- anywhere anywhere tcp dpt:ssh
    PAROLE tcp -- anywhere anywhere tcp dpt:smtp
    PAROLE tcp -- anywhere anywhere tcp dpt:domain
    PAROLE tcp -- anywhere anywhere tcp dpt:http
    PAROLE tcp -- anywhere anywhere tcp dpt:pop3
    PAROLE tcp -- anywhere anywhere tcp dpt:imap2
    PAROLE tcp -- anywhere anywhere tcp dpt:https
    PAROLE tcp -- anywhere anywhere tcp dpt:mysql
    PAROLE tcp -- anywhere anywhere tcp dpt:http-alt
    PAROLE tcp -- anywhere anywhere tcp dpt:8181
    PAROLE tcp -- anywhere anywhere tcp dpt:webmin
    ACCEPT udp -- anywhere anywhere udp dpt:domain
    ACCEPT udp -- anywhere anywhere udp dpt:mysql
    DROP icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain PUB_OUT (5 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere
     

Share This Page