Web Hosting Talk

Firewall suggestion.


Stium
10-21-2004, 10:04 AM
Which one do you use?

Stium
10-21-2004, 10:17 AM
Blah I installed APF

I figure it is the most common so it is the best.

What is the suggested TCP and UDP port settings?

angst7
10-21-2004, 10:33 AM
Use the search :) And try this http://www.webhostingtalk.com/showthread.php?s=&threadid=227090 for starters... You may also want to install BFD alongside APF.

eth00
10-21-2004, 10:36 AM
Just make sure you get your control panel ports, they all use different ports.

Stium
10-21-2004, 10:41 AM
IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,7786,10000,35000_35999"
IG_UDP_CPORTS="20,21,53,873,1040"

Suggestions on those ports?

I'm installing BFD now.

Morphix
10-21-2004, 11:06 AM
Originally posted by Stium
IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,7786,10000,35000_35999"
IG_UDP_CPORTS="20,21,53,873,1040"

Suggestions on those ports?

I'm installing BFD now.

Studying your port list, I could tell that you're going to use cPanel and/or Webmin. So, which control panel are you going to install on your machine, if any at all?

Stium
10-21-2004, 11:43 AM
cpanel

What was the webmin port?

Morphix
10-21-2004, 11:46 AM
Originally posted by Stium
cpanel

What was the webmin port?

Webmin binds itself to 10000

Stium
10-21-2004, 11:49 AM
blah alright,

I knew 10000 was for something but I couldn't remember what so I added it. I haven't used webmin for a while now.

Thanks mate

Morphix
10-21-2004, 11:53 AM
BTW, speaking of ports, what are you using 7786 and 35000_35999 for?

Stium
10-21-2004, 11:56 AM
No clue, they were suggested to me by another user.

I believe 7786 is plesk but I'm not sure...

My server is at The Planet.

They told me I've got to allow all TCP UDP on all ports for their monitoring.. You ever heard of this?

Morphix
10-21-2004, 12:08 PM
Originally posted by Stium
No clue, they were suggested to me by another user.

I believe 7786 is plesk but I'm not sure...

My server is at The Planet.

They told me I've got to allow all TCP UDP on all ports for their monitoring.. You ever heard of this?

Hmmmm, you don't need to open all your ports for them to monitor your server... try this, open all the necessary ports for your server (including cPanel ports), and then ask The Planet what is the monitoring server's IP, and add that IP to your allow_hosts file (I'm assuming you're using APF).
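
The advice above, to open only the ports the server needs, can be checked mechanically. The following is an added example, not part of any post in this thread and not APF's own code: it parses the IG_TCP_CPORTS line quoted earlier (ranges are written low_high, as in 35000_35999) and lists every entry that has no service in an inventory. The inventory contents and the function names are assumptions to adapt per server.

```python
import re

# Constructed input: the two conf.apf lines quoted in the thread above.
CONF_APF = '''
IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,7786,10000,35000_35999"
IG_UDP_CPORTS="20,21,53,873,1040"
'''

# Assumption: the TCP services this cPanel host is meant to expose.
# Edit this inventory per server; it is not read from APF.
EXPECTED_TCP = {
    20: "ftp-data", 21: "ftp", 22: "ssh", 25: "smtp", 53: "dns",
    80: "http", 110: "pop3", 143: "imap", 443: "https", 465: "smtps",
    993: "imaps", 995: "pop3s", 2082: "cpanel", 2083: "cpanel-ssl",
    2086: "whm", 2087: "whm-ssl", 2095: "webmail", 2096: "webmail-ssl",
    3306: "mysql",
}

def parse_cports(conf_text, var):
    """Return [(entry, low, high)] for an APF *_CPORTS variable."""
    m = re.search(r'^\s*%s="([^"]*)"' % re.escape(var), conf_text, re.M)
    if not m:
        raise KeyError(var)
    entries = []
    for item in filter(None, (s.strip() for s in m.group(1).split(","))):
        low, _, high = item.partition("_")   # "35000_35999" is a range
        low, high = int(low), int(high or low)
        if not (0 < low <= high <= 65535):
            raise ValueError("bad port entry: %s" % item)
        entries.append((item, low, high))
    return entries

def unexplained(entries, inventory):
    """Entries that open at least one port with no service in the inventory."""
    return [e for e, lo, hi in entries
            if any(p not in inventory for p in range(lo, hi + 1))]

def exposed_count(entries):
    """Total number of ports the entries open."""
    return sum(hi - lo + 1 for _, lo, hi in entries)

if __name__ == "__main__":
    tcp = parse_cports(CONF_APF, "IG_TCP_CPORTS")
    print("TCP ports open:", exposed_count(tcp))
    print("No listed service:", ", ".join(unexplained(tcp, EXPECTED_TCP)))
```

Each flagged entry is either given an owner in the inventory or removed from the list; a single range entry accounts for most of the ports this line opens.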

NexDog
10-22-2004, 03:27 AM
Plesk runs on 8443. And we write our own firewalls. :)

welcomebo
10-22-2004, 11:52 AM
iptables is too complicated. I am using APF tool, it is really good.

current version:

http://www.rfxnetworks.com/downloads/apf-current.tar.gz

You can also use debug mode to test it until you are satisfied.

Babushka99
10-22-2004, 05:54 PM
Just out of curiosity, why not invest/lease a hardware firewall. Much easier to maintain, robust, tons of functions, etc.

dollar
10-22-2004, 06:10 PM
Just out of curiosity, why not invest/lease a hardware firewall. Much easier to maintain, robust, tons of functions, etc.

They cost more than APF :)