bastille with linux next kernel not working - webserver hacked/stopped/killed

I compiled a fresh linux next kernel. Now at bootup it shows bastille can't be activated. Restarting it manually shows:

    /sbin/bastille-ipchains: Zeile 442: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 459: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden
    /sbin/bastille-ipchains: Zeile 464: /sbin/ipchains: Datei oder Verzeichnis nicht gefunden

In the Debian packages bastille is not listed for squeeze. So I downloaded the bastille sources and started the install.sh script - it shows DB6.0 is not supported. Maybe one of you knows how to regain a functional bastille-firewall.

update: perfect, webserver has been hacked/stopped over night. Can you please answer this issue?

Bastille is just an iptables (kernel 2.4 and newer)/ipchains (kernel 2.2) wrapper script that comes with ISPConfig, so all you need is iptables/ipchains. Make sure you compiled your kernel with iptables support.

    CONFIG_IP_NF_QUEUE=m
    CONFIG_IP_NF_IPTABLES=m
    CONFIG_IP_NF_MATCH_AH=m
    CONFIG_IP_NF_MATCH_ECN=m
    CONFIG_IP_NF_MATCH_TTL=m
    CONFIG_IP_NF_FILTER=m
    CONFIG_IP_NF_TARGET_REJECT=m
    CONFIG_IP_NF_TARGET_LOG=m
    CONFIG_IP_NF_TARGET_ULOG=m
    CONFIG_IP_NF_TARGET_MASQUERADE=m
    CONFIG_IP_NF_TARGET_NETMAP=m
    CONFIG_IP_NF_TARGET_REDIRECT=m
    CONFIG_IP_NF_MANGLE=m
    CONFIG_IP_NF_TARGET_CLUSTERIP=m
    CONFIG_IP_NF_TARGET_ECN=m
    CONFIG_IP_NF_TARGET_TTL=m
    CONFIG_IP_NF_RAW=m
    CONFIG_IP_NF_SECURITY=m
    CONFIG_IP_NF_ARPTABLES=m
    CONFIG_IP_NF_ARPFILTER=m
    CONFIG_IP_NF_ARP_MANGLE=m

I used the original config-2.6.32-5-686 for compilation, looks like it's supported. iptables -L shows:

    Chain INPUT (policy ACCEPT)
    target                 prot opt source     destination
    fail2ban-ssh           tcp  --  anywhere   anywhere     multiport dports ssh
    fail2ban-courierpop3   tcp  --  anywhere   anywhere     multiport dports pop3
    fail2ban-courierimaps  tcp  --  anywhere   anywhere     multiport dports imaps
    fail2ban-sasl          tcp  --  anywhere   anywhere     multiport dports smtp
    fail2ban-pureftpd      tcp  --  anywhere   anywhere     multiport dports ftp
    fail2ban-courierimap   tcp  --  anywhere   anywhere     multiport dports imap2

    Chain FORWARD (policy ACCEPT)
    target                 prot opt source     destination

    Chain OUTPUT (policy ACCEPT)
    target                 prot opt source     destination

    Chain fail2ban-courierimap (1 references)
    target                 prot opt source     destination
    RETURN                 all  --  anywhere   anywhere

    Chain fail2ban-courierimaps (1 references)
    target                 prot opt source     destination
    RETURN                 all  --  anywhere   anywhere

    Chain fail2ban-courierpop3 (1 references)
    target                 prot opt source     destination
    RETURN                 all  --  anywhere   anywhere

    Chain fail2ban-pureftpd (1 references)
    target                 prot opt source     destination
    RETURN                 all  --  anywhere   anywhere

    Chain fail2ban-sasl (1 references)
    target                 prot opt source     destination
    RETURN                 all  --  anywhere   anywhere

    Chain fail2ban-ssh (1 references)
    target                 prot opt source     destination
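
Added example, not part of the thread and not Bastille or ISPConfig code: a shell check for the two things the posts above turn on, whether a kernel config enables iptables and whether an `iptables -L` listing actually filters anything. The function names are hypothetical, both sample listings are constructed, the parser assumes plain `iptables -L` or `iptables -L -n` output (no `-v`), and "open" is a heuristic that only counts DROP and REJECT targets.

```shell
# Added example: summarise `iptables -L` output read from stdin.
# Prints "<chain> <policy>" for each built-in chain, then
# "blocking_rules <n>" = number of rules whose target is DROP or REJECT.
summarise_ruleset() {
    awk '
        $1 == "Chain" && $3 == "(policy" {
            sub(/\)$/, "", $4); print $2, $4
        }
        $1 == "DROP" || $1 == "REJECT" { n++ }
        END { print "blocking_rules", n + 0 }
    '
}

# Returns 0 (true) when INPUT defaults to ACCEPT and no rule in any chain
# drops or rejects traffic, i.e. the host is effectively unfiltered.
ruleset_is_open() {
    summary=$(summarise_ruleset)
    echo "$summary" | grep -q '^INPUT ACCEPT$' &&
        echo "$summary" | grep -q '^blocking_rules 0$'
}

# Returns 0 when the kernel config file given as $1 enables iptables
# (built in or as a module).
kernel_has_iptables() {
    grep -Eq '^CONFIG_IP_NF_IPTABLES=[ym]$' "$1"
}

# Constructed sample, shaped like the listing posted in the thread:
# only fail2ban jump rules, every built-in chain on policy ACCEPT.
SAMPLE_OPEN='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere          anywhere     multiport dports ssh
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Chain fail2ban-ssh (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere'

# Constructed sample of a filtering ruleset, for comparison.
SAMPLE_FILTERED='Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere     tcp dpt:www
DROP       all  --  anywhere             anywhere'

printf '%s\n' "$SAMPLE_OPEN" | ruleset_is_open && echo "sample 1: no filtering in effect"
```

On a live host the same functions take `iptables -L -n | ruleset_is_open` and `kernel_has_iptables /boot/config-$(uname -r)`, assuming the distribution installs the kernel config under that path.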