[ISPConfig3] Firewall port range

Discussion in 'Installation/Configuration' started by peterspoon, Mar 24, 2009.

  1. peterspoon

    peterspoon New Member

    So, I have a short question. How to open some port range in ISPC3? When I input ports like xxx:yyy I get
    ERROR
    1. tcp_ports_error_regex

    Should I use some other syntax? Or is it disabled? I remember it was possible in ISPC2.
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Port ranges are disabled at the moment as the regex for the input test does not allow them. I added : to the regex, so if you upadte to the ltesat svn revision then port ranges should work now.
     
  3. millipede

    millipede New Member

    Hi

    I am using ISPC 3.0.1.3
    I am trying to open a range for passive FTP
    The firewall page does accept the : now as you mentioned (thanks), but it does not open the whole range.
    It seems only to open the start port:

    e.g. my entry in ISPC
    server.name 20,21,22,25,80,110,143,443,8810,20000:30000

    and iptables -L shows:
    Code:
    Chain PUB_IN (4 references)
    target     prot opt source               destination
    ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
    ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:imap2
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:8810
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:20000
    DROP       icmp --  anywhere             anywhere
    DROP       all  --  anywhere             anywhere
    whereas our entry in question should read
    Code:
    PAROLE     tcp  --  anywhere             anywhere            tcp dpts:20000:30000
    or am I terribly wrong here?

    best regards and keep up the good work,
    Christian
     
    Last edited: Jul 14, 2009

Share This Page