LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Closed Thread
 
Search this Thread
Old 12-31-2012, 01:51 AM   #1
sohailkmu
Member
 
Registered: Oct 2008
Posts: 81
Blog Entries: 1

Rep: Reputation: 15
ConfigServer Firewall problem - website not accessable from other places


Dear All,

We have our website hosted at virtual private server with a web hosting provider.

ConfigServer Firewall was disabled on it. I just enabled it but the problem is that it can only be accessed in places whose static ip are mentioned in firewall allow file.

We want our site to be accessed from all over the world with firewall enabled.

Kindly help urgently,

Thanks
 
Old 01-01-2013, 06:35 AM   #2
Chidokato
LQ Newbie
 
Registered: Jan 2013
Posts: 1

Rep: Reputation: Disabled
Config your firewall again, delete ip restriction or set allow from all.
 
Old 11-01-2013, 11:24 PM   #3
sohailkmu
Member
 
Registered: Oct 2008
Posts: 81
Blog Entries: 1

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by Chidokato View Post
Config your firewall again, delete ip restriction or set allow from all.
When I set 0.0.0.0/0 in csf.allow.

then it allows every ip. Can u please tell me how to delete ip restriction.

Thanks
 
Old 11-02-2013, 02:06 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,709
Blog Entries: 54

Rep: Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966
Since the product information page claims their product is
Quote:
comprehensive, straight-forward, easy and flexible to configure
you probably should invest time reading the documentation first. That's no guarantee because the part leading up to that line reads
Quote:
We have developed an SPI iptables firewall
which basically is marketoid language to disguise the fact it's nothing more than a (hyped up overrated) front-end. Now if you would choose to use the default iptables interface Linux comes with for firewalling it would be easier to help you...
 
Old 11-07-2013, 11:56 AM   #5
sohailkmu
Member
 
Registered: Oct 2008
Posts: 81
Blog Entries: 1

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by unSpawn View Post
Since the product information page claims their product is you probably should invest time reading the documentation first. That's no guarantee because the part leading up to that line reads which basically is marketoid language to disguise the fact it's nothing more than a (hyped up overrated) front-end. Now if you would choose to use the default iptables interface Linux comes with for firewalling it would be easier to help you...


Kindly help me.It blocks an IP but then it says that ip match in csf.allow may not block permanently.
 
Old 11-11-2013, 11:53 PM   #6
sohailkmu
Member
 
Registered: Oct 2008
Posts: 81
Blog Entries: 1

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by sohailkmu View Post
Kindly help me.It blocks an IP but then it says that ip match in csf.allow may not block permanently.
Please give your expert opinion.

I am pasting some information. Kindly help me to stop this menace.

1Vg56Q-0003Uk-HK-H
root 0 0
<root@server.xxxxxxx>
1384228642 0
-ident root
-received_protocol local
-body_linecount 11
-max_received_linelength 155
-allow_unqualified_recipient
-allow_unqualified_sender
-deliver_firsttime
XX
1
root@xxxxxxxxxx

190P Received: from root by server.xxxxxx with local (Exim 4.80.1)
(envelope-from <root@xxxxxx>)
id 1Vg56Q-0003Uk-HK
for root@server.xxxxxx; Tue, 12 Nov 2013 08:57:24 +0500
011* From: root
009* To: root
027T To: root@server.xxxxxx
069 Subject: lfd on server.xxxxx: blocked 115.47.26.67 (CN/China/-)
032F From: <root@server.xxxxxx>
050I Message-Id: <E1Vg56Q-0003Uk-HK@server.xxxxxx>
038 Date: Tue, 12 Nov 2013 08:57:22 +0500

Data spool file

1Vg56Q-0003Uk-HK-D
Time: Tue Nov 12 08:57:17 2013 +0500
IP: 115.47.26.67 (CN/China/-)
Failures: 5 (smtpauth)
Interval: 3600 seconds
Blocked: Permanent Block (IP match in csf.allow, block may not work)

Log entries:

2013-11-12 08:16:10 fixed_login authenticator failed for (21cn.com) [115.47.26.67]:4649: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:30:23 fixed_login authenticator failed for (gw.com.cn) [115.47.26.67]:1516: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:44:08 fixed_login authenticator failed for (zhaodaola.com.cn) [115.47.26.67]:3111: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:44:54 fixed_login authenticator failed for (kotis.net) [115.47.26.67]:3766: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:57:05 fixed_login authenticator failed for (tsinghua.edu.cn) [115.47.26.67]:3942: 535 Incorrect authentication data (set_id=info@xxxxxx)
 
Old 11-13-2013, 02:44 AM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,709
Blog Entries: 54

Rep: Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966Reputation: 2966
It seems you lack working knowledge of CSF:
Quote:
Originally Posted by sohailkmu View Post
Code:
Blocked:  Permanent Block (IP match in csf.allow, block may not work)
plus now there's two threads on the same subject so I'm closing this one. Please continue here: https://www.linuxquestions.org/quest...2/#post5063538 .
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot connect to particular website w/ firewall running DutchGeek Linux - Networking 13 10-18-2012 05:32 PM
[SOLVED] Access website and send emails problem using shorewall as firewall and qmail as MTA Eduardo Mena Linux - Server 5 09-27-2011 09:39 AM
[SOLVED] Linux Ubuntu - Places - Network Places Bookmarks question ejspeiro Linux - Networking 1 04-19-2011 11:50 AM
POP3 through iptyables and ConfigServer Security & Firewall actiononline Linux - Security 2 09-24-2010 01:01 PM
Cant access website behind firewall supertrout Linux - Networking 2 10-15-2004 02:10 AM


All times are GMT -5. The time now is 03:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration