[ISPConfig3] Firewall port range

Discussion in 'Installation/Configuration' started by peterspoon, Mar 24, 2009.

  1. peterspoon

    peterspoon New Member

    So, I have a short question. How to open some port range in ISPC3? When I input ports like xxx:yyy I get
    ERROR
    1. tcp_ports_error_regex

    Should I use some other syntax? Or is it disabled? I remember it was possible in ISPC2.
     
  2. till

    till Super Moderator

    Port ranges are disabled at the moment as the regex for the input test does not allow them. I added : to the regex, so if you upadte to the ltesat svn revision then port ranges should work now.
     
  3. millipede

    millipede New Member

    Hi

    I am using ISPC 3.0.1.3
    I am trying to open a range for passive FTP
    The firewall page does accept the : now as you mentioned (thanks), but it does not open the whole range.
    It seems only to open the start port:

    e.g. my entry in ISPC
    server.name 20,21,22,25,80,110,143,443,8810,20000:30000

    and iptables -L shows:
    Code:
    Chain PUB_IN (4 references)
    target     prot opt source               destination
    ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
    ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp-data
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:imap2
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:8810
    PAROLE     tcp  --  anywhere             anywhere            tcp dpt:20000
    DROP       icmp --  anywhere             anywhere
    DROP       all  --  anywhere             anywhere
    whereas our entry in question should read
    Code:
    PAROLE     tcp  --  anywhere             anywhere            tcp dpts:20000:30000
    or am I terribly wrong here?

    best regards and keep up the good work,
    Christian
     
    Last edited: Jul 14, 2009

Share This Page