Hi All
I have a server running Debian that i setup with an autoinstall script of the site a few months ago, everything was running well, but lately the firewall has stated blocking my peers, it only ever has ip's i know in the log never any strange ones.
How can i disable this?
cheers
Debian server firewall issue
- multipack
- Thread is marked as Resolved.
There are 18 replies in this Thread which was already clicked 1,652 times. The last Post () by newtolinux.
-
-
if you used an auto install script it is likely that you have a fail2ban script running with iptables
new2
-
thanks for the reply but how can i disable the fw altogether?
Cheers -
if you issue as root
iptables -L
that will give an output of all currently configured firewall tables. Fail2ban from install script usually blocks ip's contained within the warnings.txt file that cccam generates. So if you disable this in your cccam.cfg fail2ban can no longer block anyone as no log is genreated
new2
-
iptables -L produces
Chain INPUT (policy ACCEPT)
target prot opt source destinationChain FORWARD (policy ACCEPT)
target prot opt source destinationChain OUTPUT (policy ACCEPT)
target prot opt source destinationIt doesnt ban using the warning.txt file it uses the illegal.log thats in /emu/log
-
ok no firewall rules are running so must be fail2ban running . to check for fail2ban as root user in telnet : -
/etc/init.d/fail2ban status
new2
-
/etc/init.d/fail2ban status brings up nothing
fail2ban is installed but its not configured this is the tut i followed http://linuxsat-support.com/li…-auto-install-script.html -
did the script auto install the fail2ban or did you install
new2
-
do you have any logging in
/var/log/fail2ban.log
new2
-
also fail2ban.conf ( main config file ) is in /etc/fail2ban.conf
new2
-
thanks again for the reply
no the log files are empty, i dont think its configured to block anything.
when i built my first debian server ages ago i was told by somebody on here to rename some files as the firewall in the script has problems
but of course i cant remember who told me or what the files were that needed renamed, but i know you could just call them anytthing you wanted
this stopped the firewall from running. -
but you say fail2ban is unconfigured so it shouldnt be blocking anything really .
check in the main config file for fail2ban and see if there are rules.
new2
-
i dont think it is fail2ban thats doing the blocking, there is nothing in the configuration to block ip's or let ones through i installed it but never configured it
The firewall can block any of my peers at random, if it was a fail2ban problem would it not be an ip that wasnt added or something like that?It seems to happen more with one peer, although it does it to all of them, the one inparticulars ip keeps changing, i have locked my F lines, could this be the problem?
-
Do not unlock your lines this is asking for trouble.
Before completely removing try this.
Allow everything firewallThis opens up everything.
Bash#!/bin/sh iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT iptables -F iptables -X
If you want to completely remove issue command
Then delete all files related to iptables that remain, sorry i no longer have debian running so cannot say exactly which files.
-
Thanks ten-below i'll have to leave it a few days to see what happens but i'll report back if it has cured it or not :)
Sorry forgot to ask, will this be there after a reboot?
Cheers
-
If you remove then no, if you try Allow everything firewall then it will return to default after reboot.
-
After a bit of digging around i found the script in emu/script its called illegal.sh i commented out all the lines so hopefully if its not right i can just remove the comments and it should be back again.
-
-
illegal.sh would do it for sure .
new2
Participate now!
Don’t have an account yet? Register yourself now and be a part of our community!