Aktuelles ISPConfig auf Ubuntu 16.10
Serverkonfiguration > Firewall: ufw (wurde nicht geändert)
Einträge > TCP: 20,21,22,25,53,80,81,110,143,443,587,993,995,3306,8080,8081
Einträge > UDP: 53,3306
ufw in der Shell enabled, Plugin gesymlinkt, Einträge gelöscht und zugefügt (muss man auch alles erst mal wissen).
Ports wie zB 80 und 443 gehorchen diesen Einstellungen, werden geblockt, wenn man sie aus der Liste entfernt.
Andere Ports (zB 9200 - Elasticsearch) sind immer offen, obwohl sie es nicht sein sollten...
$ ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
81/tcp ALLOW IN Anywhere
53/udp ALLOW IN Anywhere
3306/udp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
21/tcp ALLOW IN Anywhere
25/tcp ALLOW IN Anywhere
53/tcp ALLOW IN Anywhere
110/tcp ALLOW IN Anywhere
143/tcp ALLOW IN Anywhere
587/tcp ALLOW IN Anywhere
993/tcp ALLOW IN Anywhere
995/tcp ALLOW IN Anywhere
3306/tcp ALLOW IN Anywhere
20/tcp ALLOW IN Anywhere
8080/tcp ALLOW IN Anywhere
8081/tcp ALLOW IN Anywhere
81/tcp (v6) ALLOW IN Anywhere (v6)
53/udp (v6) ALLOW IN Anywhere (v6)
3306/udp (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
21/tcp (v6) ALLOW IN Anywhere (v6)
25/tcp (v6) ALLOW IN Anywhere (v6)
53/tcp (v6) ALLOW IN Anywhere (v6)
110/tcp (v6) ALLOW IN Anywhere (v6)
143/tcp (v6) ALLOW IN Anywhere (v6)
587/tcp (v6) ALLOW IN Anywhere (v6)
993/tcp (v6) ALLOW IN Anywhere (v6)
995/tcp (v6) ALLOW IN Anywhere (v6)
3306/tcp (v6) ALLOW IN Anywhere (v6)
20/tcp (v6) ALLOW IN Anywhere (v6)
8080/tcp (v6) ALLOW IN Anywhere (v6)
8081/tcp (v6) ALLOW IN Anywhere (v6)
Serverkonfiguration > Firewall: ufw (wurde nicht geändert)
Einträge > TCP: 20,21,22,25,53,80,81,110,143,443,587,993,995,3306,8080,8081
Einträge > UDP: 53,3306
ufw in der Shell enabled, Plugin gesymlinkt, Einträge gelöscht und zugefügt (muss man auch alles erst mal wissen).
Ports wie zB 80 und 443 gehorchen diesen Einstellungen, werden geblockt, wenn man sie aus der Liste entfernt.
Andere Ports (zB 9200 - Elasticsearch) sind immer offen, obwohl sie es nicht sein sollten...
$ ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
81/tcp ALLOW IN Anywhere
53/udp ALLOW IN Anywhere
3306/udp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
21/tcp ALLOW IN Anywhere
25/tcp ALLOW IN Anywhere
53/tcp ALLOW IN Anywhere
110/tcp ALLOW IN Anywhere
143/tcp ALLOW IN Anywhere
587/tcp ALLOW IN Anywhere
993/tcp ALLOW IN Anywhere
995/tcp ALLOW IN Anywhere
3306/tcp ALLOW IN Anywhere
20/tcp ALLOW IN Anywhere
8080/tcp ALLOW IN Anywhere
8081/tcp ALLOW IN Anywhere
81/tcp (v6) ALLOW IN Anywhere (v6)
53/udp (v6) ALLOW IN Anywhere (v6)
3306/udp (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
21/tcp (v6) ALLOW IN Anywhere (v6)
25/tcp (v6) ALLOW IN Anywhere (v6)
53/tcp (v6) ALLOW IN Anywhere (v6)
110/tcp (v6) ALLOW IN Anywhere (v6)
143/tcp (v6) ALLOW IN Anywhere (v6)
587/tcp (v6) ALLOW IN Anywhere (v6)
993/tcp (v6) ALLOW IN Anywhere (v6)
995/tcp (v6) ALLOW IN Anywhere (v6)
3306/tcp (v6) ALLOW IN Anywhere (v6)
20/tcp (v6) ALLOW IN Anywhere (v6)
8080/tcp (v6) ALLOW IN Anywhere (v6)
8081/tcp (v6) ALLOW IN Anywhere (v6)