04-07-2005, 04:35 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Apr 2003
Posts: 80
|
|
Dont think this was mentioned in this forum before.. perhaps others.. but seems kinda old... or out of date...
so... i guess it's about time to bring this topic up again.. 
what firewall are you using for vps??
personally i tried using APF it blocked all my outgoing mails..
i wonder what went wrong.. haha.. but other than that.. when first starting up.. it would seem to have hang my vps.. but after that.. it's alright....
are there any firewalls out that which wont block ALL outgoing mails?
thanks for the input
|
04-07-2005, 04:37 PM
|
|
& Goliath
|
|
Join Date: Oct 2003
Location: San Diego
Posts: 8,805
|
|
Xavior,
Whether you're installing a firewall for a VPS, dedicated or home machine there are configuration changes that will need to be made depending on what you want to allow in or out.
I believe APF now fully works on virtuozzo VPS'es, what type do you have?
|
04-07-2005, 07:40 PM
|
|
Retired Moderator
|
|
Join Date: Jan 2003
Posts: 9,000
|
|
Did you manually configure the ports? By default, APF only enables the SSH port, so it needs to be configured. For VPS, you would also want to enable the Monokern option.
|
04-07-2005, 07:45 PM
|
|
Community Guide
|
|
Join Date: Jun 2000
Location: Washington, USA
Posts: 5,976
|
|
I use iptables for firewalling, works very well for handling my needs.
__________________
John T. Yocum -- Fluid Hosting
Shared - VPS - Dedicated - Colocation
|
04-08-2005, 07:04 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Apr 2003
Posts: 80
|
|
i'm using virtuozzo VPS...
ya it appeared so...
but i have config it according to the thread below.. but it still blocks my out going mails.. it allowed every thing else(that usually what webhosts accept) but my outgoing mails!?!?!
http://www.webhostingtalk.com/showth...hreadid=284575
|
04-08-2005, 07:06 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Apr 2003
Posts: 80
|
|
and yes, i switch Monokern to 1
|
04-09-2005, 03:34 PM
|
|
Newbie
|
|
Join Date: May 2004
Posts: 9
|
|
Make sure the network card is set to the correct name as well. Many VPS network interfaces will be venet0 or something similar, but the default in APF will be eth0. If you are using antidos, you will need to search it's file for eth0 and replace with the correct name of your network interface.
|
04-09-2005, 10:27 PM
|
|
Disabled
|
|
Join Date: Oct 2004
Location: United Kingdom
Posts: 43
|
|
I tried installing APF using my Virtuozzo Vps.
Customised the ethernet device to 'venet0:0' and then started APF
And it locked me out so i gave up completely...
|
04-10-2005, 07:13 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Apr 2003
Posts: 80
|
|
I have set the network card to venet0 already.. and that's why it is actually blocking out going traffic.. in this case .. my mails..
so.. i really dont know what is going on.. i have already installed everything according to the thread i gave above, set the network card to venet0 and monokern to 1..
can anyone please help? thanks
|
04-10-2005, 09:24 AM
|
|
Disabled
|
|
Join Date: Oct 2004
Location: United Kingdom
Posts: 43
|
|
Are you using cPanel,
And if so, have you set the correct port list so that the ports don't get blocked.
|
04-11-2005, 09:47 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Apr 2003
Posts: 80
|
|
Well, the link that i posted is a link to setting up APF for cpanel.
and just as what i have said... what i have done.. is according to the post above.
so what is wrong here!!!!
|
04-11-2005, 09:50 AM
|
|
& Goliath
|
|
Join Date: Oct 2003
Location: San Diego
Posts: 8,805
|
|
xavior84,
Post your APF configuration here.
|
04-11-2005, 12:44 PM
|
|
Retired Moderator
|
|
Join Date: Jan 2003
Posts: 9,000
|
|
If you are using Virtuozzo, you need to ask your provider which IPtables modules they enable. By default, most of the IPtables modules are not enabled. So it is highly likely APF will not work on your VPS. Talk to your provider.
|
04-13-2005, 03:29 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Apr 2005
Posts: 61
|
|
I never used a VPS before, am interested but I usually am more comfortable writing my own firewall rules... Is that possible? At first I thought it was like a full accessed server with root but from looking at sites they seem to only allow a few things.. X amount of email/webfowarding, mysql, etc.
|
04-17-2005, 07:32 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Apr 2003
Posts: 80
|
|
Sorry for the late reply..
here's my cfg
-------------------
DEVM="0"
IF="venet0"
MONOKERN="1"
CDPORTS="135_139,111,513,445,1433,1434,1234,1524,3127"
IG_TCP_CPORTS="21,22,25,53,80,110,143,465,953,993,995,2082,2083,2084,2086,2087,2095,2096,3306,6666,7786,3000_3500"
IG_UDP_CPORTS="53,6277"
IG_ICMP_TYPES="3,5,11,0,30,8"
EGF="0"
EG_TCP_CPORTS="21,25,37,53,80,110,113,123,443,43,873,953,2089,2703,3306"
EG_UDP_CPORTS="20,21,53,873,953,6277"
EG_ICMP_TYPES="all"
USE_DS="1"
USE_AD="1"
----------------------------------
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
