ISPConfig Firewall Bastille udp port range

Discussion in 'Installation/Configuration' started by stefanr, Jul 24, 2007.

  1. stefanr

    stefanr HowtoForge Supporter

    Hello @ll,


    i read in the forum that can port ranges define at 2000:2100.
    But can also udp port ranges define at the ISPConfigWebsite?

    I insert the udp port range "27000:27015" and after select the OK button the port range was "27000:2701". I tried another port range tcp "27030:27039" and after the OK button the port range was changed to "27030:2703". I defined in the Form Editor the "sys - ISP Firewall" table the max. Length value of "service_port" from 12 to 15.
    Now i can define my port ranges tcp and udp, but the Firewall doesn't open the specified port ranges.

    So please have anyone a idea?

    thx stefan
     
  2. falko

    falko Super Moderator

    Do you see the correct port ranges in /etc/Bastille/bastille-firewall.cfg?
     
  3. stefanr

    stefanr HowtoForge Supporter

    less /etc/Bastille/bastille-firewall.cfg |grep 270

    Hello Falko,

    thanks for reply.

    when i

    host:~# less /etc/Bastille/bastille-firewall.cfg |grep 270

    i get

    TCP_PUBLIC_SERVICES="21 22 25 53 80 81 110 443 10000 2222 993 465 8000:8001 8001 9000:9001 14534 51234 27030:2703 27015 9000"

    UDP_PUBLIC_SERVICES="53 8767 27000:2701 1200 27020"

    i think that the ISPConfig Webinterface doesn't insert the full port ranges into
    the /etc/Bastille/bastille-firewall.cfg.

    Stefan
     
  4. stefanr

    stefanr HowtoForge Supporter

    Bug? Feature? Workaround?

    dear falko, dear till,

    no ideas? Can you give me a workaround for the problem?

    STEFAN
     
  5. falko

    falko Super Moderator

    I think you must increase the length of the field dienst_port in the table isp_firewall in the ISPConfig database as well.

    I've added this to the bugtracker.
     
  6. stefanr

    stefanr HowtoForge Supporter

    OK fine.

    THX

    STEFAN
     
  7. falko

    falko Super Moderator

    I've fixed this. :)
     

Share This Page