DA and APF ports

dec

Verified User
Joined
May 12, 2004
Messages
163
What would be the ports that need to be open for a dedicated server running DA and fedora?

All ports needed so programs like apache, mysql, ssh, ftp service, etc..

IG_TCP_CPORTS="???"

IG_UDP_CPORTS="???"

IG_ICMP_TYPES="???"

I know the server checklisted somewhere here refers to another forum that list the ports, but it says it was done for ensim or something else.

Thanks
 
Search, or check the KISS script i have in the 3rd party software forum ;) (to get the ports - they are at the top)

Chris
 
I guess this is the answer :p

BLOCK_LIST=""
block an ip from connecting to any port on the box?

-TCP_IN="21 25 53 80 110 143 443 2222"
TCP Inbound ports

-TCP_OUT="21 22 25 37 43 53 80 443"
TCP Outbound ports

-UDP_IN="53"
UDP Inbound ports

-UDP_OUT="53"
UDP Outbound ports

-TCP_IN_TRUSTED="22"
TCP Inbound ports only accessable by IP addresses listed in the TRUSTED_IPS var (22 - ssh)

-TRUSTED_IPS="0.0.0.0/0"
can i enter here the ips i use to connect to the box?(or better not, cause my ip is not static) Yes, or leave the current option to allow all IP addresses to connect

-SERVER_IPS="0.0.0.0/0"
All the IP addresses bound to your system can be listed here, although the current option works fine unless you want pings etc as discussed above.


Thanks! I am very happy with this product! DA Rocks!!!

Dec
 
Helppppppppp

GODDDDDDDDDD! :eek:

I forgatt to put port 22 for tcp inbound and now i cant access my server..!!

Any other magic way to access my server?

Telnet is disable!! :(

Dec
 
Re: Helppppppppp

dec said:
GODDDDDDDDDD! :eek:

I forgatt to put port 22 for tcp inbound and now i cant access my server..!!

Any other magic way to access my server?

Telnet is disable!! :(

Dec

If its not set up to start on boot you could reboot, if its on a cron to automatically disabled after a few minutes your ok... just wait... otherwise you need console access.
 
A thought, I don't know if it would work, maybe someone else could enlighten me on the feasability of this.

Writing an bash script to kill the firewall and then using DA run it with a cron?
 
cron will run it as the siteuser, so it won't have enough privileges to shut down the firewall.

This might work:

http://www.hotscripts.com/Detailed/33450.html

If it's what it says it is.

It's a php terminal script that runs through your browser.

If you can still upload using ftp, upload this script as you would any php script, run it through your browser.

If su works, then you'll be able to shut down the firewall.

If you do get it to run then you'll be passing your root password in cleartext so be sure to change it immediately afterwards.

Jeff
 
lukeski said:
I believe you would run into the same user privledges issues. The user that would be issuing command would be apache.
If you can log in you may be able to su in.

Jeff
 
At least in phpshell you can't do an su (along with a lot of other things).
 
Actually I still had a copy on a server and I tried an su (wanted to make sure).

MyShell: su: void command for MyShell

It was a good attempt.

What kind of privledges does the "admin" account have?
 
Update

First, thanks a lot for all the answers to my problem.

I decided to call the support center and they almost charge me at least $50 to fix the problem, BUT because we are all humans at the end, they did it for free!!! :D

I am really happy with my provider. It was a close call!

Conclusion: I gotta get some sleep and be more carefull next time! :D

Really interesting all this possible solutions, i will try them to see what happends..

Thanks a lot guys! Great forum! I am new BTW!

Dec
 
Back
Top