Firewall Rules Lost

RizSher

Hi,

I was trying to change some of the default ports for the FreePBX server and SSH using Webmin, and ended up clearing all the rules that came set up with PiaF 1.3. The Linux Firewall screen in Webmin shows no rules, except for 1 "Run chain RH-Firewall-1-INPUT Always".

Is there any way to restore the firewall to the "as shipped" default settings of PiaF 1.3?

Thanks.

Riz
 
I managed to recover the firewall rules (had another machine with PiaF 1.3 that I copied iptables from and pasted to this one).

However, now the problem is Fail2Ban - doesn't seem to exist on my system.

Trying to enable or disable Fail2Ban gives the following message:

You don't appear to have fail2ban installed! Please run update-scripts and update-fixes again!
You have new mail in /var/spool/mail/root

Ran update-fixes, Patch #104 (the one to install Fail2Ban) doesn't even appear:

Patch #103 adding missing config files
Patch #103 already applied no update required
Patch #105 adding .ssh folder
Patch 105 already applied
Patch #106 adding NTP rule to IPTABLES
Patch 106 already applied!
Patch #107 patch for freepbx .htaccess problem
Patch #107 already applied no update required
Patch #108 checking for missing conf files
Patch #108 not required
Patch #109 fix for flashing fop panel
Patch #109 not required
Patch #110 patch for kennonsoft menu

Can I manually install Fail2Ban?
 
Patch #104 didn't run probably because you don't have the original PBX in a Flash setup with the older version of Fail2Ban. As you probably can understand, it's almost impossible to recreate everything that someone can/has accidentally deleted. That's what backups are for, and we have a rock-solid backup solution... if you choose to use it. :wink5: You should be able to run the Fail2Ban upgrade procedure to restore things, but no guarantees as it wasn't attempted on a damaged system.
 
Ward,

Totally agree with you about Backups... I had made a Mondo backup of the previous machine I was using (that's where I was able to salvage the iptables file from), however, this is a new server I set up just last night, and burning the midnight oil has managed to mess up Fail2ban and delete my firewall rules, never had time to make a backup.

I have already tried the Fail2Ban upgrade steps, however, that ended up with a message saying this is to be used only for a system with Fail2Ban 0.6.1 or something like that...

Isn't there a script in your arsenal that can install Fail2Ban from scratch??

Riz
 
Just comment out the check for the previous version. I don't know whether your other stuff is damaged or not. If it is, then you probably should start anew... and make a backup. :wink5:
 
Ward,

... this is a new server I setup just last night, and burning the midnight oil has managed to mess up Fail2ban and delete my firewall rules, never had time to make a backup.


If this is a brand new server, then why not just start over to be sure you have a clean, reliable install?? :confused5:
 
That's what I did :(.

However, despite the upgrade message saying This can only do upgrade from 0.6.1, Fail2Ban was actually still working, the status screen showed green, I tried by entering a wrong password in one of my SIP extensions, and soon there was email saying 192.168.1.102 has been banned.

But I wasn't really sure of what had happened, so, did a reinstall anyway.
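
The symptom from the first post, where the only surviving rule is the jump into RH-Firewall-1-INPUT and the chain itself is empty, can be detected from `iptables-save` format text. This is an added example, not part of the thread or of PBX in a Flash's own scripts; the function name and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example: list user-defined chains that a rule jumps to
# but that contain no rules of their own (a wiped ruleset).

# Reads iptables-save format on stdin, prints "table/chain" per finding.
empty_jump_targets() {
    awk '
        /^\*/ { table = substr($1, 2); next }        # "*filter" starts a table
        /^:/  {                                       # ":CHAIN POLICY [pkts:bytes]"
            name = substr($1, 2)
            if ($2 == "-") user[table "/" name] = 1   # policy "-" marks a user-defined chain
            next
        }
        $1 == "-A" {
            rules[table "/" $2]++                     # count rules appended to each chain
            for (i = 3; i < NF; i++)                  # record every jump/goto target
                if ($i == "-j" || $i == "-g") target[table "/" $(i + 1)] = 1
        }
        END {
            for (c in user)
                if (target[c] && !rules[c]) print c
        }
    ' | sort
}

# Constructed sample: the state described in the first post.
WIPED_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
COMMIT'

# Constructed sample: a chain that still holds rules (not the PiaF 1.3 defaults).
HEALTHY_RULES='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

echo "wiped ruleset:   $(printf '%s\n' "$WIPED_RULES" | empty_jump_targets)"
echo "healthy ruleset: $(printf '%s\n' "$HEALTHY_RULES" | empty_jump_targets)"
```

On a live system the same function can read the output of `iptables-save` (run as root) after any change made through Webmin; any line it prints means traffic sent to that chain falls through to the built-in chain's policy.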
 
