How To Install A Custom Iptables Firewall

Discussion in 'HOWTO-Related Questions' started by merlos, Mar 28, 2006.

  1. merlos

    merlos New Member

    Hi all
    I tried to follow the howto but I noticed that the file /etc/firewall/firewall.conf.iptables is missing and this file is needed by the firewall.iptables daemon.
    Can anyone tell me where I can download this file or send here an example config file???

    Tks in advance
    Merlos
     
  2. merlos

    merlos New Member

  3. sbovisjb1

    sbovisjb1 Member HowtoForge Supporter

    I'm sorry about that...

    Yes you need that file, but most people do... if you don't this is what to do.
    Put firewall.conf.iptables, firewall.dns, firewall.banned, firewall.iana-reserved, and firewall.local.iptables (remove the "-generic" from the file names) in a directory called /etc/firewall. <-- that is if my other way didn't work, it's just a case of kernel directories and dependencies.
     
  4. sbovisjb1

    sbovisjb1 Member HowtoForge Supporter

    Here u go

    Those directories are where custom dependencies, user options and data output can be stored. If a directory is missing just type in
    gedit /etc/firewall/firewall.conf.iptables or anything as such and you should be good.
     
  5. mebusybody

    mebusybody New Member

    After Installing ISPConfig iptables won't start

    Hi
    Please help, serious security problem.

    After installing ISPConfig iptables won't start up.
    No error whatsoever.

    /etc/init.d/iptables start
    Flushing firewall rules: [ OK ]
    Setting chains to policy ACCEPT: filter mangle nat [ OK ]
    Unloading iptables modules: [ OK ]
    Applying iptables firewall rules: [ OK ]


    /var/log/messages
    Apr 10 00:25:24 host kernel: Removing netfilter NETLINK layer.
    Apr 10 00:25:24 host kernel: ip_tables: (C) 2000-2002 Netfilter core team
    Apr 10 00:25:24 host kernel: Netfilter messages via NETLINK v0.30.
    Apr 10 00:25:24 host kernel: ip_conntrack version 2.4 (4094 buckets, 32752 max) - 232 bytes per conntrack

    Started firewall using IPConfig, the firewall monitor page is totally different from my iptables rule !

    ps -ef | grep iptables

    no iptables process !

    Please help
    Cheer
    mebusybody
     


  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Sure, don't mix 2 iptables firewalls on the same server! Either use the ISPConfig firewall or any other firewall but not both!

    The ISPConfig firewall is the bastille firewall script that you find in your /etc/init.d directory.
     
  7. mebusybody

    mebusybody New Member

    Thanks for the info, sigh, it is 1am here. I will continue later in the day
    :)
     
  8. sbovisjb1

    sbovisjb1 Member HowtoForge Supporter

    Nice to see that you fixed that one up... my first firewall script was to allow ports and services, the second one was to monitor them.... it's true what he said. My suggestion is that if the first one didn't work (or the second one), just use one. I'll get on fixing that problem :cool:
     
  9. mebusybody

    mebusybody New Member

    Hi Till
    bastill-firewall is just a script, it will execute iptables or ipchain.
    It seems it is calling /sbin/bastill-netfilter, in my case I have iptables installed.

    Question is why does ISPConfig use this script, or what is the advantage of it?

    Cheers
    mebusybody
     
  10. falko

    falko Super Moderator Howtoforge Staff

    /sbin/bastille-netfilter is using iptables.
    You can check the state of your firewall with
    Code:
    iptables -L
     
    Last edited: Apr 10, 2006
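
Added example, not part of the original thread: a small shell helper that reads `iptables -L -n` output (without `-v`) and reports, per built-in chain, the policy and number of rules, which is how to tell whether a firewall is in effect when no process shows up in `ps`. The function names and both sample rulesets are constructed for illustration.

```sh
#!/bin/sh
# Added example. iptables rules live in the kernel (netfilter); there is no
# daemon for ps to find, so inspect the loaded ruleset instead.
# Real use (as root): iptables -L -n | summarize_ruleset

# Print "CHAIN POLICY RULECOUNT" for each built-in chain on stdin.
summarize_ruleset() {
    awk '
        /^Chain / {
            chain = ""                       # user-defined chains are skipped
            if ($3 == "(policy") {           # only built-in chains have a policy
                chain = $2; order[++n] = chain; count[chain] = 0
                policy[chain] = $4; sub(/\)$/, "", policy[chain])
            }
            next
        }
        /^target/ || /^[[:space:]]*$/ { next }   # column header, blank line
        chain != "" { count[chain]++ }
        END { for (i = 1; i <= n; i++) print order[i], policy[order[i]], count[order[i]] }
    '
}

# Succeed only if every built-in chain is policy ACCEPT with zero rules,
# i.e. nothing is being filtered. Empty input counts as "unknown" (failure).
ruleset_is_open() {
    summarize_ruleset | awk '
        $2 != "ACCEPT" || $3 > 0 { filtered = 1 }
        END { exit ((NR > 0 && !filtered) ? 0 : 1) }
    '
}

sample_open() {      # constructed sample: all chains flushed
    printf 'Chain %s (policy ACCEPT)\ntarget     prot opt source               destination\n\n' INPUT FORWARD OUTPUT
}

sample_filtered() {  # constructed sample: restrictive INPUT chain
cat <<'EOF'
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

sample_filtered | summarize_ruleset
sample_open | ruleset_is_open && echo "sample_open: no filtering in effect"
```

Run right after a firewall script's start action, a successful `ruleset_is_open` means that script loaded no rules, whatever its init output reported.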
  11. mebusybody

    mebusybody New Member

    Hi Falko
    thanks, any idea of the advantage of using the script ?
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    The advantage of the bastille script is that it works with IPTables and IPChains and can be easily configured with a config file.
     
  13. miha1978

    miha1978 New Member

    bastille-netfilter

    I am running centos 4.3 and ispconfig, I am interested in how to put the default bastille script (/sbin/bastille-netfilter) into the booting process

    THX
     
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    Bastille is started automatically during the boot process if you enable it in ISPConfig under management > server > services
     
  15. danf.1979

    danf.1979 Member

    If I install Bastille before I even think about installing ispconfig, then, when installing ispconfig is my bastille config file going to be erased?
    Does ispconfig check if there is an existing bastille installed?
     
  16. falko

    falko Super Moderator Howtoforge Staff

    Yes, ISPConfig checks that. :)
     
  17. renata

    renata New Member

    I'm very confused!

    Hi!

    I'm Renata from Brazil, and first of all I'm very confused. I'm a "new girl" in this "firewall lands" ;-) Please, let me know if my understanding of your tutorial is correct:

    .- The primary_firewall file is the firewall rules that protect the server.
    .- The firewall.iptables file is monitoring the rules (this is not the firewall rules)

    So, what about these other files (firewall.conf.iptables, firewall.dns, firewall.banned, firewall.iana-reserved, and firewall.local.iptables) to be located in /etc/firewall ?? Are they really necessary for your tutorial to work?

    .- The part where I'm lost is understanding what the function of the firewall.conf.iptables file is. Is this file not contradictory or in conflict with your primary_firewall file? What is the difference between them?

    I'm running a webserver Debian Lenny (LAMP)

    I'll appreciate a lot your answer!

    Thanks!

    Renata





     
    Last edited: Dec 18, 2010
