interfasys
Verified User
It seems to be difficult to find a firewall that works inside a VPS (might be a Virtuozzo only issue). APF and KISS don't work.
Does somebody have one that works?
Does somebody have one that works?
Firewalling inside a VPS...
- Thread starter interfasys
- Start date
interfasys
Verified User
I only have info for APF which gives a lot of module loading errors and which blocks wget and doesn't allow users to use ftp correctly when given a range of ports to use.
nobaloney
NoBaloney Internet Svcs - In Memoriam †
What specific info do you have, Olivier?
I can probably give you a fix for the ftp issue if you can tell me what you already know. It would be the same method I used to allow ftp with ipchains, but updated for iptables.
And if anyone can point me to a 1-to-1 translation rule for converting ipchains rules to iptables rules, I can create a working firewall rather quickly, as I have a complete working firewall for ipchains that works well with DA.
Thanks.
Jeff
I can probably give you a fix for the ftp issue if you can tell me what you already know. It would be the same method I used to allow ftp with ipchains, but updated for iptables.
And if anyone can point me to a 1-to-1 translation rule for converting ipchains rules to iptables rules, I can create a working firewall rather quickly, as I have a complete working firewall for ipchains that works well with DA.
Thanks.
Jeff
interfasys
Verified User
Hello Jeff,
Thanks for your info to help. Unfortunately, I'm not using a VPS anymore, so I can't provide more details.
It seems APF or Kiss still cannot be run inside a VPS and the admins of such setup usually build a firewall with custom rules instead of using those automatic tools.
Thanks for your info to help. Unfortunately, I'm not using a VPS anymore, so I can't provide more details.
It seems APF or Kiss still cannot be run inside a VPS and the admins of such setup usually build a firewall with custom rules instead of using those automatic tools.
nobaloney
NoBaloney Internet Svcs - In Memoriam †
I'm still trying, and still failing 
.
I found ipchains2iptables, but it's creating rules that run, but don't work.
I've heard that within the next month there will be a new Virtuozzo kernel which will allow all standard iptables commands to work.
In the meantime we're still searching.
Jeff
.I found ipchains2iptables, but it's creating rules that run, but don't work.
I've heard that within the next month there will be a new Virtuozzo kernel which will allow all standard iptables commands to work.
In the meantime we're still searching.
Jeff