ISPConfig firewall issue

Discussion in 'Installation/Configuration' started by dwyoung, Dec 10, 2005.

  1. dwyoung

    dwyoung New Member

    I recently setup a server using the FC4 Perfect Setup tutorial. I've got things up and running with my website and ISPConfig, but when I try to turn on the firewall on my website is no longer reachable from the internet. If I turn the firewall off again and browse for my website it comes up with no problem.

    According to my firewall rules, port 80 is open so I'm puzzled as to what is going on here. Here's the output of iptables -L:

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    DROP all -- anywhere anywhere

    Chain INPUT (policy DROP)
    target prot opt source destination
    DROP tcp -- anywhere 127.0.0.0/8
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT all -- anywhere anywhere
    DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain INT_IN (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain INT_OUT (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    ACCEPT all -- anywhere anywhere

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere

    Chain PAROLE (9 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere

    Chain PUB_IN (3 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
    ACCEPT icmp -- anywhere anywhere icmp echo-reply
    ACCEPT icmp -- anywhere anywhere icmp time-exceeded
    ACCEPT icmp -- anywhere anywhere icmp echo-request
    PAROLE tcp -- anywhere anywhere tcp dpt:ftp
    PAROLE tcp -- anywhere anywhere tcp dpt:ssh
    PAROLE tcp -- anywhere anywhere tcp dpt:smtp
    PAROLE tcp -- anywhere anywhere tcp dpt:domain
    PAROLE tcp -- anywhere anywhere tcp dpt:http
    PAROLE tcp -- anywhere anywhere tcp dpt:81
    PAROLE tcp -- anywhere anywhere tcp dpt:pop3
    PAROLE tcp -- anywhere anywhere tcp dpt:https
    PAROLE tcp -- anywhere anywhere tcp dpt:10000
    ACCEPT udp -- anywhere anywhere udp dpt:domain
    DROP icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain PUB_OUT (3 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Do you use "your" firewall or the ISPCOnfig firewall? If you want to use an other firewall then the ISPConfig firewall, you must deactivate the ISPConfig firewall first under Management > Server > Services
     
  3. dwyoung

    dwyoung New Member

    I want to use the ISPConfig firewall. I did not install the firewall that comes with Fedora Core 4 when I installed my operating system.
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Is your server connected directly to the internet, or is it in some kind of local network behind a router?
    Did you change the Apache configuration so that it uses another port than 80?
     
  5. dwyoung

    dwyoung New Member

    My server is connected to the internet through a wireless router. I have port forwarding configured on the router to forward port 80 to my server. ISPConfig is currently using port 81. All of this seems to play nicely and the webserver works just how it's supposed to until I turn the firewall on and then I can no longer access my website.
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Can you post the output of
    Code:
    ifconfig
    and
    Code:
    iptables -L
    (when the firewall is turned on)?
     

Share This Page