Ventrilo. Can't Connect When APF Firewall On. When Off, I Can. Already Added Ports
Apr 23, 2008
My fedora server is running apf firewall. When I turn it off, clients can connect.
When I turn it on, it says MSG: Contacting Server.
I have already added ports 6100 and 3784 to /etc/apf/conf.apf by adding the ports to the lines, EG_TCP_CPORTS, EG_UDP_CPORTS, IG_TCP_CPORTS, and IG_UDP_CPORTS
I am currently in the throws of configuring a new dedicated "Windows Web Server 2008 / IIS7 / Plesk" server. As part of the setup I have obviously made sure the firewall is correctly setup. After doing this I have run a remote port scan (from my internet connected PC) to the IP address of the server. This has brought up two ports that should be blocked:
5190 1863
I can open a remote telnet session to both these ports, however if I remote desktop to the server and attempt a telnet connection both ports fail to respond.
Does anybody know what these ports are?
If it helps at all, the firewall surrounding the server is an external Cisco device
From some reasons, plesk is blocking incoming 25 port (in plesk shows opened, but it's not)My emails are delivered trough port 25, after doing some tests ( i've sent some emails to an email account hosted in the server) there was no email in the roundcube inbox! All emails were blocked...
a) Firewall was blocking the port 25 on server restart. b) I have succesfully unblocked it from plesk manager -> tools -> edit/change -> even if i didn't change anything, i saved the "changes" and in my roundcube inbox i recived all the test emails. c) In /var/log/maillog there is no error.
2. Passive FTP gets blocked in the same way, to successfully connect FireFTP on passive mode i need to repeat 1.b steps even if i've created a special rule to prevent the blocking, opening 49152-65534 ports and set PassivePorts 49152 65534 in /etc/proftpd.conf
The issue appears randomly, because in the last 5 days i didnĀ“t restart the server, the last time i checked it worked. Today, without touching anything, firewall blocked my passive FTP and I had probmels reciving emails from gmail, yahoo etc...
I have the web pro edition panel 12 on centos 6.5 64bit, and i have made some custom firewall rules in order to be able to run a teamspeak server. The problem is that the firewall randomly blocks the teamspeak port and keeps it blocked unless i restart the firewall.
Alright now this is the most intelligent way to send spam I have ever seen. Apparently a guy has made a PHP or Perl script that is acting as an MTA. That's right: He is neither using Sendmail nor Exim but he made a script that acts as an MTA. That means the script itself connects to third party mailservers via port 25 and communicates with the remote mailserver as if it was an MTA itself. This works even if Exim is entirely disbaled...
The spam still get's sent. The script is running only occasionally...not like a daemon.
So it is nearly impossible to locate it. You have no Exim logs to look at. And in the Apache logs any PHP script could be it... You are not able to find that out. Therefore I am unable to stop him unless I manage to block outgoing connections to another host's port 25 for any program but for exim.
How can I configure my firewall (APF) so that only Exim my connect to other servers via port 25? Is that even possible?
I am having trouble connecting to my ssh server. It responds with a lengthy error message about no network etc. but it is the last message that concerns me:
Sometimes, such troubles can be caused by a misconfigured firewall.
How can I check the firewall if I cannot connect to ssh? I am running plesk 11.5 control panel and CentOS 6. Is this something I can do from plesk?
I can see that the firewall in plesk is set to allow all for ssh, but I cannot see way to disable the firewall to test ssh connection. Can this be done from plesk?
I know there is alot of people out there that make their own vent cp's and I was wondering if you would like to share them with me! (a small guide on how to install them would also be helpful)
I had csf firewall installed, and due to my own stupidity, attempted to login with the wrong password one too many times, which added my IP to iptables, locking me out. I had to SSH into a linux box at school, and then ssh into my server to stop the iptables service so I could get into my server.
I removed every trace of my IP that I could find in csf, but sometime in the middle of the night, iptables reloads some rules from somewhere that blocks me again. I also tried doing iptables -F to clear all rules, but again, sometime in the middle of the night, rules are reloaded and I get blocked. I even uninstalled csf to no avail. I just want to remove my IP once and for all.
When I add a new site via New Account in WHM and once the domain resolves, the cPanel 'Great Success' page shows. I have verified the site is resolving properly.
This is a brand new installation and the only changes I have made is I updated apache via WHM.
I've been having an issue with one of my sites were someone has been adding malicious code to the index file. I don't know what has been compromised and am looking for a way to stop this.
I have a dedicated server have already upgraded MySQL to the latest version as I though that might work but it hasn't.
I just added a new PHP Handler with PHP Verison 5.5.18 as cgi and i always get an error when activating. I used the samte setting and php ini as the Buildin Ones
I tried to set up a site with a "dedicated" IP without SSL, and ran into this problem again. The new IPs (v4 or v6) are not reachable, pingable, or trace routable from outside the container, even from its PCS hardware node.This is what I get after adding the address in PPA:
By contrast, if I add an IP address through PVA, it is pingable. Note the differences, namely that PVA's ifcfg-eth0:0 has "BOOTPROTO=static" and the IPs double quoted. For those testing at home also note that PVA removed the existing IPv6 addresses (that it didn't know about).
I recently realized that domainkeys headers are not added to mail messages that are generated on our server. We are using MailEnable Enterprise 8.60 (upgraded on the Stardart edition, that is installed with Plesk).
I thought the problem could be related with this upgrade and created a new VM and tried that out. Installed Windows Server 2012 R2 Std, enabled DNS and IIS with ASP.NET versions, applied all updates, installed Plesk 12 and Upgraded to MailEnabled Enterprise. On the new server mails are going with the correct domainkeys headers.
Now I think that the problem was generated because of the Migration. On the old server Plesk 11.5 was installed and we didn't have any domainkeys issues. When we created our new server, with the same steps I wrote below, and migrated our backup to the new server, domainkeys headers weren't there anymore.
I couldn't find any documentation about this issue. Is there any commands to reset the settings related to domainkeys or may be it's a curruption in the psd database?
Do you recommend a software firewall when behind a hardware firewall?
All of our servers are behind Cisco ASA 5505 firewalls which we rent from Liquidweb. All are being managed correctly and setup to there optimal levels. With hardware firewalls firmly in place, do you still recommend a software firewall such as APF or IPTables (we're talking linux); in our opinion we see it as an extra administration overhead. If this is however untrue, we will change out thinking.
I've found a dedicated server at a great price and plan to stick with it, my first ( already have 2 vps accounts ). I don't have the money for a hardware firewall. However, I do have a chance to renew a Kerio WinRoute Firewall license from way back.
Does anyone think this would be better than the default windows 2003 firewall?
I'm trying to install HyperVM (I know, it isn't great, but need something quick) but need to unblock ports 8888 and 8887. I have no idea on how to do this via SSH. I've looked on Google, but nothing.
If you have a suggestion for another VPS panel which you think is much better than HyperVM and is free, please let me know. I might aswell install that then.
I have my server set up with the smtp daemon running on port 125, and assp listening on ports 25 and 26, and forwarding to port 125 if the mail passes. This setup has been working for months and months. Already today I've received several emails.
I just attempted to send an email, however, and thunderbird could not connect to port 26. (I use an alternate port because my ISP blocks port 25 except to their mail servers)
So I thought that assp had stopped running. Attempted to go to myip:55555, but the page would not load. Now I really thought assp was broken. SSH'd into server and was able to telnet to localhost, port 26 without an issue. Was also able to lynx [url] without an issue.
Since I'm able to log in to all of these weird ports via SSH but not from my local computer, I'm apt to think that they are blocking the ports (for some reason).
Is there any way I can test this theory? Nothing has changed on my side firewall-wise, and the poor girl at the ISP company didn't even know what a port was. I would like to be 100% sure before I give them another call demanding to speak to someone higher up...
