
Firewall blocking EVERYTHING

garwain (Programmer, CA), Jan 30, 2002
Last night I used webmin to change my IPCHAINS firewall settings to LOW from MEDIUM security using a third-party module, and now I'm unable to resolve any domain name that is hosted by the server. I can't log into webmin, and I can't even get in with SSH, telnet or ftp.

Is there another remote access method that can be used to configure the firewall that I've missed?
 
IMO: If you use webmin to configure your "firewall" you shouldn't be messing with it in the first place.

Try this:
 # fwbox = the firewall's own address, mytrustedadminhost = the host you administer from.
 # -I inserts at the head of the input chain (so the last rule typed is matched first); -l logs matching packets.
 # DNS for the zones the box hosts
 ipchains -I input -s 0/0 -d fwbox -p udp --dport 53 -j ACCEPT
 # everything from the admin host
 ipchains -I input -s mytrustedadminhost -d fwbox -j ACCEPT
 # FTP control and data (FTP is TCP only; the UDP rule is harmless but unnecessary)
 ipchains -I input -s 0/0 -d fwbox -p tcp --dport 20:21 -j ACCEPT
 ipchains -I input -s 0/0 -d fwbox -p udp --dport 20:21 -j ACCEPT
 # SSH and telnet from the admin host only
 ipchains -I input -s mytrustedadminhost -d fwbox -p tcp --dport 22 -j ACCEPT
 ipchains -I input -s mytrustedadminhost -d fwbox -p tcp --dport 23 -j ACCEPT
 # ICMP from anywhere, logged
 ipchains -I input -s 0/0 -d fwbox -p icmp -j ACCEPT -l
 # webmin from the admin host, logged; "webmin" must be an /etc/services entry (webmin's default port is 10000)
 ipchains -I input -s mytrustedadminhost -d fwbox -p tcp --dport webmin -j ACCEPT -l

Maybe *fincham can go and do a Google search for more answers.
 
Hi,

Sounds like you've done the network equivalent of locking yourself out of the house. You clearly need to change the firewall rules back, but you are going to have big problems if your only access to the server is remote access via IP, which it sounds like from what you say.

From the lokkit source code, "Medium" means:

Medium Security -- Choosing Medium Security will
not allow your system to have access to certain
resources. By default, access to the following
resources is not allowed:

* ports lower than 1023 -- these are the
standard reserved ports, used by most system
services, such as FTP, SSH, telnet, and HTTP.
* NFS server port (2049)
* the local X Window System display for remote X
clients
* the X Font server port (This is disabled by
default in the font server.)

If you want to allow resources such as
RealAudio(tm), while still blocking access to
normal system services, choose Medium Security.
You can choose Customize to allow specific
services through the firewall.


So, unless you've got something special running on a high port then network access is impossible (assuming no 'sploits) and you (or someone on your behalf) will have to access the physical machine.

Hope this helps
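The lockout described in this thread is the standard argument for putting a dead-man timer on any remote firewall change: snapshot the running rules, load the new ones, and restore the snapshot automatically unless you confirm from a fresh login that you still have access. The script below is an added example, not code from the thread, from webmin or from lokkit; it assumes the ipchains-save and ipchains-restore tools, and the FW_SAVE/FW_RESTORE variables, the file paths and the fw_apply/fw_confirm names are the example's own.

```shell
#!/bin/sh
# Added example: apply a firewall change from a remote session with a
# dead-man timer, so a ruleset that cuts off your own SSH/webmin access is
# undone by itself instead of needing someone at the console.
# Assumption: ipchains-save / ipchains-restore are available; FW_SAVE and
# FW_RESTORE can be overridden to exercise the logic without a real firewall.
FW_SAVE="${FW_SAVE:-ipchains-save}"
FW_RESTORE="${FW_RESTORE:-ipchains-restore}"
# Fixed names (no $$) so a second login session can find the pending timer.
FW_SNAPSHOT="${TMPDIR:-/tmp}/fw-snapshot"
FW_TIMER_PID="${TMPDIR:-/tmp}/fw-timer.pid"

# fw_apply SECONDS COMMAND [ARGS...]
# Snapshot the running rules, run COMMAND (the script that loads the new
# rules), then start a timer that restores the snapshot after SECONDS unless
# fw_confirm is called first.  If COMMAND itself fails, roll back at once.
fw_apply() {
    secs=$1; shift
    "$FW_SAVE" > "$FW_SNAPSHOT" || return 1
    if ! "$@"; then
        "$FW_RESTORE" < "$FW_SNAPSHOT"
        return 1
    fi
    (
        sleep "$secs"
        "$FW_RESTORE" < "$FW_SNAPSHOT"   # nobody confirmed: undo the change
        rm -f "$FW_TIMER_PID"
    ) &
    echo $! > "$FW_TIMER_PID"
    echo "new rules loaded; run fw_confirm within ${secs}s or they roll back"
}

# fw_confirm: run from a NEW session once you have proved you can still log
# in.  Cancels the pending rollback and discards the snapshot.  Returns 1 if
# nothing is pending (for example because the timer already fired).
fw_confirm() {
    [ -f "$FW_TIMER_PID" ] || return 1
    kill "$(cat "$FW_TIMER_PID")" 2>/dev/null || return 1
    rm -f "$FW_TIMER_PID" "$FW_SNAPSHOT"
}
```

Typical use on the box: `. ./fwguard.sh; fw_apply 120 sh /root/new-rules.sh`, then open a second SSH session and run `fw_confirm` there; if that second login never succeeds, the old rules are back within two minutes.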
