Log inUsernamePassword
Log me on automatically each visit    
Register
Register
Log in to check your private messages
Log in to check your private messages
SMS Forum Index » SMS User Support

Post new topic   Reply to topic
firewall question
View previous topic :: View next topic  
Author Message
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

PostPosted: Sun Mar 15, 2009 7:42 pm    Post subject: firewall question Reply with quote

I have been testing 1.4.2 before switching to production mode. No changes have been made to server for a month.

Yesterday I changed the webmin port from '10000' to a new port. This morning I was going thru the webmin modules and looked at the firewall module. To my surprise there was a policy there and according to time stamp put there yesterday.

I was wondering if you could tell me what this policy means:

# Generated by iptables-save v1.4.2 on Sun Mar 15 10:57:03 2009
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [1:558]
:OUTPUT ACCEPT [1:558]
COMMIT
# Completed on Sun Mar 15 10:57:03 2009
# Generated by iptables-save v1.4.2 on Sun Mar 15 10:57:03 2009
*mangle
:PREROUTING ACCEPT [5:260]
:INPUT ACCEPT [5:260]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5:1572]
:POSTROUTING ACCEPT [5:1572]
COMMIT
# Completed on Sun Mar 15 10:57:03 2009
# Generated by iptables-save v1.4.2 on Sun Mar 15 10:57:03 2009
*filter
:INPUT ACCEPT [7945989:4351853093]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [13135277:17519156628]
:fail2ban-ProFTPD - [0:0]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A fail2ban-ProFTPD -j RETURN
-A fail2ban-SSH -j RETURN
COMMIT
# Completed on Sun Mar 15 10:57:03 2009


thanks
Back to top
View user's profile Send private message
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

PostPosted: Sun Mar 15, 2009 8:02 pm    Post subject: Reply with quote

Check your /var/log/fail2ban.log and your administrator user's mails.
You can do a 'iptables -L' alternative.

gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Back to top
View user's profile Send private message Visit poster's website
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

PostPosted: Sun Mar 15, 2009 8:22 pm    Post subject: Reply with quote

thanks for the reply.

ouptput:

tail /var/log/fail2ban.log
2009-03-11 15:37:59,657 fail2ban.filter : INFO Set findtime = 600
2009-03-11 15:37:59,658 fail2ban.actions: INFO Set banTime = -1
2009-03-11 15:37:59,736 fail2ban.jail : INFO Jail 'ssh-iptables' started
2009-03-11 15:37:59,740 fail2ban.jail : INFO Jail 'proftpd-iptables' started
2009-03-11 15:38:00,063 fail2ban.actions.action: ERROR iptables -N fail2ban-ProFTPD
iptables -A fail2ban-ProFTPD -j RETURN
iptables -I INPUT -p tcp --dport ftp -j fail2ban-ProFTPD returned 400
2009-03-15 04:40:02,623 fail2ban.filter : INFO Log rotation detected for /var/log/secure
2009-03-15 04:40:02,711 fail2ban.filter : INFO Log rotation detected for /var/log/messages
2009-03-15 10:56:26,097 fail2ban.filter : INFO Log rotation detected for /var/log/secure

Doesn't appear to be anything.

iptables -L output:

Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-ProFTPD (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere

Chain fail2ban-SSH (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere


really not very good at reading this but looks okay to me.

thanks
Back to top
View user's profile Send private message
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

PostPosted: Sun Mar 15, 2009 8:29 pm    Post subject: Reply with quote

Those are your entries, they are OK.

gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Back to top
View user's profile Send private message Visit poster's website
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

PostPosted: Sun Mar 15, 2009 8:38 pm    Post subject: Reply with quote

When you say those are my entries, I need to be clear here. I did not put those in, so is it okay to delete?

thanks
Back to top
View user's profile Send private message
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

PostPosted: Sun Mar 15, 2009 9:02 pm    Post subject: Reply with quote

fail2ban add those, they are OK! no need to do anything.

gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Back to top
View user's profile Send private message Visit poster's website
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

PostPosted: Sun Mar 15, 2009 9:04 pm    Post subject: Reply with quote

thank you. I know sometimes I'm a pain but I am learning. Went out and bought firewall book on iptables.

thanks again
Back to top
View user's profile Send private message
gerasimos_h
Site Admin


Joined: 09 Aug 2007
Posts: 1757
Location: Greece

PostPosted: Sun Mar 15, 2009 9:07 pm    Post subject: Reply with quote

If you build a good firewall script you can contribute it to SMS Smile

gerasimos_h

_________________
Superb! Mini Server Project Manager
http://sms.it-ccs.com
Back to top
View user's profile Send private message Visit poster's website
baboo
Senior Member


Joined: 04 Sep 2007
Posts: 676

PostPosted: Sun Mar 15, 2009 10:54 pm    Post subject: Reply with quote

I would not hold my breath waiting for that outcome. Smile
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    SMS Forum Index » SMS User Support All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum

SMS - Superb! Mini Server Project © 2016
Powered by phpBB © 2001, 2002 phpBB Group
iCGstation v1.0 Template By Ray © 2003, 2004 iOptional