I use ISPConfig for several years and the first time I can not solve the problem yourself. There also found nothing that worked on the internet or in the forum. ISPConfig ##### ##### ISPConfig version is 3.0.5.4p8 CHECK VERSION ##### ##### [INFO] php (CLI) version is 5.6.14-0 + deb8u1 [INFO] php-cgi (used for cgi php in default vhost!) Is version 5.6.14-0 + deb8u1 Sytem Debian Jessie updated, installation as described in https://www.howtoforge.com/tutorial/perfect-server-debian-8-jessie-apache-bind-dovecot-ispconfig-3/ When Ispconfig Firewalls in the System -> Firewall menu is on, server stops resolve domain names to IP address. According to one of the guides I added parameter of listen-on port 53 {any; }; /etc/bind/named.conf.option file - it has not changed anything. When the Ispconfig firewall is turned ON: ##### LISTENING PORTS ##### (only () Local (Address) [anywhere]:110 (950/dovecot) [anywhere]:143 (1/init) [anywhere]:465 (1199/master) ***.***.***.***:53 (2670/named) [localhost]:53 (2670/named) [anywhere]:21 (12614/pure-ftpd) [anywhere]:22 (308/sshd) [localhost]:953 (2670/named) [anywhere]:25 (1199/master) [anywhere]:993 (1/init) [anywhere]:995 (950/dovecot) [localhost]:10025 (1199/master) [anywhere]:587 (1199/master) [localhost]:11211 (310/memcached) [localhost]10 (950/dovecot) [localhost]43 (950/dovecot) *:*:*:*::*:8080 (3638/fcgi-pm) *:*:*:*::*:80 (3638/fcgi-pm) *:*:*:*::*:8081 (3638/fcgi-pm) *:*:*:*::*:465 (1199/master) *:*:*:*::*:53 (2670/named) *:*:*:*::*:21 (12614/pure-ftpd) *:*:*:*::*:22 (308/sshd) *:*:*:*::*:953 (2670/named) *:*:*:*::*:25 (1199/master) *:*:*:*::*:443 (3638/fcgi-pm) *:*:*:*::*:993 (950/dovecot) *:*:*:*::*:995 (950/dovecot) *:*:*:*::*:3306 (29366/mysqld) *:*:*:*::*:587 (1199/master) ##### IPTABLES ##### Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- [anywhere]/0 ***.***.***.***/8 ACCEPT all -- [anywhere]/0 [anywhere]/0 DROP all -- ***.***.***.***/4 [anywhere]/0 PUB_IN all -- [anywhere]/0 [anywhere]/0 PUB_IN all -- [anywhere]/0 [anywhere]/0 PUB_IN all -- [anywhere]/0 [anywhere]/0 PUB_IN all -- [anywhere]/0 [anywhere]/0 PUB_IN all -- [anywhere]/0 [anywhere]/0 DROP all -- [anywhere]/0 [anywhere]/0 Chain FORWARD (policy DROP) target prot opt source destination DROP all -- [anywhere]/0 [anywhere]/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- [anywhere]/0 [anywhere]/0 PUB_OUT all -- [anywhere]/0 [anywhere]/0 PUB_OUT all -- [anywhere]/0 [anywhere]/0 PUB_OUT all -- [anywhere]/0 [anywhere]/0 PUB_OUT all -- [anywhere]/0 [anywhere]/0 Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- [anywhere]/0 [anywhere]/0 DROP all -- [anywhere]/0 [anywhere]/0 Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 Chain PAROLE (16 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 Chain PUB_IN (5 references) target prot opt source destination ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 3 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 0 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 11 ACCEPT icmp -- [anywhere]/0 [anywhere]/0 icmptype 8 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:20 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:21 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:25 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:110 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:143 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:443 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:587 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:993 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:995 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:3306 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8080 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8081 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:10000 PAROLE tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:53 ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:3306 ACCEPT udp -- [anywhere]/0 [anywhere]/0 udp dpt:53 DROP icmp -- [anywhere]/0 [anywhere]/0 DROP all -- [anywhere]/0 [anywhere]/0 Chain PUB_OUT (5 references) target prot opt source destination ACCEPT all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-dovecot-pop3imap (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-postfix-sasl (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-pureftpd (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-ssh (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 When the Ispconfig firewall is turned OFF: ##### LISTENING PORTS ##### (only () Local (Address) [anywhere]:110 (950/dovecot) [anywhere]:143 (1/init) [anywhere]:465 (1199/master) ***.***.***.***:53 (2670/named) [localhost]:53 (2670/named) [anywhere]:21 (12614/pure-ftpd) [anywhere]:22 (308/sshd) [localhost]:953 (2670/named) [anywhere]:25 (1199/master) [anywhere]:993 (1/init) [anywhere]:995 (950/dovecot) [localhost]:10025 (1199/master) [anywhere]:587 (1199/master) [localhost]:11211 (310/memcached) [localhost]10 (950/dovecot) [localhost]43 (950/dovecot) *:*:*:*::*:8080 (3638/fcgi-pm) *:*:*:*::*:80 (3638/fcgi-pm) *:*:*:*::*:8081 (3638/fcgi-pm) *:*:*:*::*:465 (1199/master) *:*:*:*::*:53 (2670/named) *:*:*:*::*:21 (12614/pure-ftpd) *:*:*:*::*:22 (308/sshd) *:*:*:*::*:953 (2670/named) *:*:*:*::*:25 (1199/master) *:*:*:*::*:443 (3638/fcgi-pm) *:*:*:*::*:993 (950/dovecot) *:*:*:*::*:995 (950/dovecot) *:*:*:*::*:3306 (29366/mysqld) *:*:*:*::*:587 (1199/master) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-dovecot-pop3imap (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-postfix-sasl (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-pureftpd (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain fail2ban-ssh (0 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Greetings and congratulations on the excellent work which is ISPConfig!
Is this a virtual server? There can be problems on servers that use openvz / virtuozzo when using iptables firewalls.
Exactly! This is my first VPS server. Until now, I put servers as independent units. So take advantage of the firewall, which is in panel of VPS Provider and ISPConfig firewall leave off?