DA-Kiss - DirectAdmin specific firewall based on Kiss v2.0

hi

i'm having a problem with recieving pings to my main server ip. if i stop kiss i can recieve them with out a problem.

i have the following for my trusted ip's:

TRUSTED_IPS="0.0.0.0/0"

and this line further down the script:


# Allow pinging of this server's MAIN_IP by trusted IPs only.

for trusted_ips in $TRUSTED_IPS; do
$IPTABLES -A INPUT -d $serverips -i eth0 -m state --state NEW -p icmp --icmp-type ping -j ACCEPT
done

but when kiss is running i can't ping the server, has anyone got any ideas what the problem is?

thans in advance

roland
 
can anyone tell me.why install kiss when csf have good option. we can work with it with directadmin panel not ssh and ....

tnx
 
I use KISS because it's simple. And generally once you install it you never have to configure it again.

You yourself write in another thread that you're having problems with CSF. Except for the very occasional issue you just install KISS, start it, and it runs.

To each his/her own.

:)

Jeff
 
jlasman said:
I use KISS because it's simple. And generally once you install it you never have to configure it again.

You yourself write in another thread that you're having problems with CSF. Except for the very occasional issue you just install KISS, start it, and it runs.

To each his/her own.

:)

Jeff
Click to expand...

beacse we can manage and config csf with directadmin panel.
forexample APF . some of user use it.as i see most of linux server (hosting) use csf
 
As I wrote, to each his/her own. This is not a thread for bashing kiss; it's a thread for explaining it and helping people use it.

Jeff
 
hello on my vps its my output:

[root@box updatescript]# kiss restart
eth0: error fetching interface information: Device not found
Could not determine MAIN_IP. Firewall script aborted!
 
Generally a VPS doesn't have an eth0. Figure out what your VPS calls it's network interface, and then make changes to KISS.

Jeff
 
There is no ipt_multiport.ko or ipt_state.ko on any of my CentOS 5.5 systems. I need those files to use KISS. How do I get those files?
 
Try this [nobaloney.net] version; it runs on my 5.4 systems, and requires xt_ file sinstead of ipt_ files.

Jeff
 
Steve wrote it, so it's likely his version at indotek.com is more up-to-date. However mine (which I only change as necessary) has ports open for webhosting on various systems using various billing packages.

I'm sure both will work, and I'm just as sure that you may need to make minor changes to either for them to work for you.

Jeff
 
do you have any idea (kiss option) to block ddos and protet server from this attack ?
 
While you can block individual IP#s attacking you, KISS is much too simple to block most DDOS attacks by itself. DDOS attacks are very hard to block. You might get some good information from this article (linuxgazette.net).

Jeff
 
You must log in or register to reply here.
Back
Top