Hello, we have a server with two network adapters eth0 and bond0. Some services are working there like ISPConfig with postfix, Apache, ftp etc. and some others which should only be accessed in LAN. I want to allow that all ports in the server are open for LAN (bond0, 192.168.1.x) and only some ports are open for WAN (eth0). In ISPConfig with bastille i can only open ports for both networks at the same time and not network specific. How can i deal with this problem?
Nice shiny and pretty. It is working like a charm. May be Arno firewall is the better/newer choice for ISPConfig. I think server have often WAN and LAN on the same installation. But now there are so many entries in iptables that the whole listing is not shown in ispconfig I thought my fail2ban installation would be cancelled, but the entries are at the end of "iptables -s" and not shown in ispconfig. is there a chance in the future to fix this in the template? Again, you safe my admin day edit: could be a cache problem. after 5 minutes the list in ispconfig is ok. Very nice, forget my insisting above