Have activated the firewall with-in ispconfig, and now I am not able to access anything on the server. Um very frustrating, is there anyway of accessing ispconfig, like a back door. I know this is probably not a good idea, as it would make any security useless...............but any ideas? without having to do a total reinstall....................... installed on a debian etch system by the way.
sorted Quick e-mail to isp solved problem. Never setup a firewall without first setting some rules, DOUGH!!! Well its one way of learning...................
By the way, this problem could not have been caused by the ispconfig firewall as the ispconfig firewall never closes port 81 and the ssh port.
How port for ssh rule can be changed? or if new rule is created for ssh how can the original be disabled?
You can alter ssh port in ssh_config. But if you got firewall running make sure you open that port in there too otherwise you will lock yourself out...ha ha
I did all that but now I have two firewall rules: default SSH on port 22 and new one. How to delete default or at least disable it (deactivate)? or how to edit port for default SSH rule on ISPConfig firewall?
No I can't. When I try to modify Port for default SSH firewall rule i get this error: The following error occurred: This port cannot be altered. Thats the reason why I created new rule. The same error is displayed when i try to delete default SSH rule.
Ah, I remember. This rule cannot be changed or deleted to avoid that people lock themselves out of their servers.
can be added an option in conf file for each default rule to be dissabled/enabled in next version? or can ispconfig read settings for ssh port and update port accordingly to ssh conf?
change the ispconfig program here: vi /home/admispconfig/ispconfig/lib/classes/ispconfig_isp_firewall.lib.php -------------------------------------------------------------------------------- // SSH und ISPConfig immer offen if($doc_id == 2) { $go_api->db->query("UPDATE isp_firewall SET dienst_aktiv = 'ja', dienst_typ = 'tcp', status = '', dienst_port = '22' where doc_id = '$doc_id'"); $go_api->errorMessage($go_api->lng("Dieser Port kann nicht ge瓣ndert werden.").$go_api->lng("weiter_link")); } if($doc_id == 7) { $go_api->db->query("UPDATE isp_firewall SET dienst_aktiv = 'ja', dienst_typ = 'tcp', status = '', dienst_port = '81' where doc_id = '$doc_id'"); $go_api->errorMessage($go_api->lng("Dieser Port kann nicht ge瓣ndert werden.").$go_api->lng("weiter_link")); }http://googleads.g.doubleclick.net/...223216276099&adurl=http://www.zmanda.com&nm=9 -------------------------------------------------------------------------------- change the : dienst_port = '22' and dienst_port = '81' to what you want, then configure the firewall in Management->Server->Services->firewall again.
