Hi,
I'm running Virtualmin/Webmin on Ubuntu 10.04 LTS
I've just noticed that Network > Linux Firewall does not display any rules.
Besides, "Enable at boot" is set to No
iptables -L displays:
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Using nmap, I get:
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
119/tcp open nntp
143/tcp open imap
443/tcp open https
445/tcp filtered microsoft-ds
465/tcp open smtps
563/tcp open snews
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
3128/tcp open squid-http
8008/tcp open http
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8888/tcp open sun-answerbook
9200/tcp open wap-wsp
10000/tcp open snet-sensor-mgmt
20000/tcp open unknown
Is there a firewall running on my server?
Comments
Submitted by Locutus on Fri, 10/11/2013 - 12:21 Comment #1
Depends on what you mean by "running". :) iptables is always installed and active on a regular Ubuntu, it's just configured on your system to let everything pass.
Does that answer your question, or was there more?
Submitted by anrikun on Mon, 10/14/2013 - 04:04 Comment #2
Thank you for your reply Locutus.
Actually, I thought that Virtualmin/Webmin would come with some default rules so I found it strange that my rules are empty.
Is it normal that "Enable at boot" is set to No by default?
Submitted by Locutus on Mon, 10/14/2013 - 06:36 Comment #3
Virtualmin indeed does install some default rules, namely rules to allow packets to the ports it needs.
It does not activate the firewall by default though, since the admin should always review firewall rules before having them applied. Otherwise you could easily lock yourself out of the system.
Submitted by anrikun on Mon, 10/14/2013 - 07:14 Comment #4
Thanks again for this useful information.