After spending 4 hours, I found that doing; /sbin/bastille-netfilter stop made outgoing mails sent and dns resolve worked fine. I am new to ispconfig. Where do I control firewall? In system setting I tried enabling firewall and added all needed port but after just /sbin/bastille-netfilter start then outgoing mails and dns issue comes back again. What do you suggest? I am not sure if /sbin/bastille-netfilter default state is start or not.
Hi As per explained by you, I can suggest that you can have only one Firewall record in ISPConfig, please check that any oher Firewall record is created. DO you have any other firwall also installed?? Select the loglevel for the ISPConfig log (under Monitor > System State (All Servers) > Show System-Log). • Debug: This loglevel will log all output from ISPConfig, including warnings and errors. As the name says, this is usefull for debugging. • Warnings: This loglevel will log ISPConfig warnings and errors. • Errors: This loglevel will just log ISPConfig errors. Recommended for production systems. Please enable the basetille & check the logs & paste the Logs so that we can analyse the log. Br// Srijan
Is this a virtual server or "real" server? iptables based firewalls like bastille may not work correctly on virtual server that use openvz / virtuozzo. In general, you dont bneed a firewall when you instaled your server as described in the perfect setup guide as your server will run only servies then that shall be accessible from outside anyway.
@srijan I did not install any firewall. It is just a default perfect install. @srijan Yes this is a openvz. So I do not need a firewall?
You dont need a firewall to close ports when you run only that software that shall be accessible from outside. Blocking ports with a firewall were no service is running makes no sense. On openvz, you cant use a firewall anyway as it will interfere with the host system.
I see. It would be good idea to note that in install guide I guess. Can I unintalled builtin firewall for future issues.
The install guide did not instruct you to activate the firewall. The install guide contains all steps that you should do to install the server, so if it has no step that tells you to turn on the firewall, then its not nescessary. no need to uninstall it, just deactivate it again in ispconfig.
Not sure but even I deactivated it I had to run /sbin/bastille-netfilter stop manually. Anywall I will leave it so and see.
