Iptables And Related/established Connections
Apr 11, 2009
I've got a vps running centos 5.3 on an openvz platform. I've been using a simple set of iptables rules but recently the host moved me to a new server and I'm having issues with my firewall. I'm pretty sure it's the firewall since if I stop iptables or flush the rules everything works properly.
my rules:
Code:
!/usr/bin/env iptables-restore
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport ssh -j ACCEPT
The last rule continues with all the other used protocols (pop3/dns/http/etc)
The problem is incoming connections with should be allowed from by the related,established rule aren't permitted. If I use wget,ftp,ping, or dig from my shell they all report a time out. For example dig w3.org gives no server reachable. If I capture all dns requestes with tcpdump I see the outgoing request to dns and I see the incoming data but dig still reports a timeout. Since tcpdump sits before iptables and I have no output filtering it seems that my input filter isn't seeing the related/established state of dig and allowing the results in.
But, what's the solution? Do I need to ask the vps provider for something specific? If so what?
Or is there a better way to write my iptables rules to compensate for this problem?
View 5 Replies
ADVERTISEMENT
Nov 13, 2008
connection state ESTABLISHED,RELATED is not working in my iptaables...?
Accept If input interface is lo
Accept If state of connection is ESTABLISHED,RELATED
Drop If protocol is ICMP
Accept If protocol is TCP and destination port is 80
Accept If protocol is TCP and destination port is 99
Accept If protocol is TCP and destination port is 25
Accept If protocol is TCP and destination port is 110
Accept If protocol is TCP and destination port is 10000
Accept If protocol is TCP and destination port is 21
Accept If protocol is TCP and destination port is 30000:30500
Accept If protocol is UDP and destination port is 53
Accept If protocol is UDP and source port is 53
Accept If protocol is TCP and destination port is 445
Accept If protocol is TCP and destination port is 2390
this in my Incoming packets rules..
Outgoing packets are all accepted..
so if i made connection from the server the input rules shuld accept them because it is established and related connection.. But it wont work.. any ideas about it..?
my vps is running on cent os 5.2 final..
and the control panel is webmin.
View 10 Replies
View Related
Oct 12, 2009
I would like to discuss over new companies which have just put there steps towards hosting business.
I know many of the people here and everywhere believe that only established companies with a nice price tag of almost around $5 per month for smallest web hosting plan can give you best support and uptime. No doubt they can give you nice uptime but what about the support... leaving some companies all other big and established once do not offer you what you should actually get.
Companies with a huge customer base receives a large number of hosting support requests from there customers daily which they can not fulfill on time. Thus resulting in delay and some times inconvenience to the customer.
Where as on other hand new companies or mid level companies that just arrived or been in industry for a few couple of months is much better then them.
A solid reason to support this is if they want to be in this industry they will surely provide all the best of support and uptime and industry leading softwares and products to there client for the very low price as compared to other big ones.
Now the point to be noted is the people only don't believe new companies just because they are new... I don't understand the reason why people have a mentality of treating OLD IS GOLD....
When new companies just to establish them selves in this market are offering tons of services for a much lesser price to what other big ones do then why do people think they are going to fall down... They too have there business plans setup or else they won't advertise it different forums and waste there precious time in which they could have done many other jobs....
I know this is a never ending topic but you surely need to broaden your thinking and start thinking about this second phase of hosting industry...
With my article I surely can't mentality of too many people but surely can start a step ahead of others to let people think on this....
Hope I can scratch some great minds with my writting and they can comment some great ideas and pros and cons...
View 14 Replies
View Related
Jan 5, 2008
I execute the following commands, in the following order:
iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP
will that last command successfully ban that IP until reboot?
If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.
View 2 Replies
View Related
Jun 28, 2009
Can a domain have two set of users.... let me explain the situation.
mydomain.com has a set of users which have admins etc etc.
can i have sub.mydomain.com with the same set of users, with different admin and restricted access to certain level.
View 5 Replies
View Related
Sep 25, 2008
1- What means that the site has an IP?, what will differ if the site has an IP?
2- What is the importance of IPs for every site?, I mean now I'm running a shared hosting, Should each site has it's dedicated IP? and is it dangerous to make all clients has same IP?
3- I got 5 IPs with my server, how can I assign a DEDICATED IP for my main site, and then assign the 2nd 2 IPs for my main site Name servers & Finally assign the rest IPs for Resellers?
4- In the domaintools whois Service, Under Server Data category, sometimes I found :
Dedicated Hosting: domain.com is hosted on a dedicated server.
what this means, and how can I make my domain looks like this , cause it's already hosted on a dedicated server.
5- When I asked my Server Co. about extra IPs, they told me:
" for smaller allocations its $1 per ip, we also require full ARIN IP justification." so, what's ARIN IP justification?
View 4 Replies
View Related
Jun 8, 2009
I'm interested in making a site which would stream video game (RPG) audio to users through flash. I have long searched for a service that I could use to listen to that odd track from final fantasy 8 for example (and not some cheap midi) without going through hundreds of links etc. So I'm thinking of making one myself.
I know there are sites that host mass video game mp3s (gh.ffshrine.org) and also remix and host video game music (ocremix.org) but I don't know if what they are doing is OK by normal hosting standards.
if it is, <snipped>.
View 8 Replies
View Related
Apr 23, 2008
I have a question regarding, hard drives and performance etc... I only use it for forums and currently is only one site (hopefully couple more in no time)
Currently I have 2x36gb SAS in raid 1 obviously containing everything including dbs and /home. and a third 250gb drive for backups only ^^ Ronny did an excelent job setting this up.
Any ways, my problem is that I wan't to allow some attachments on my forums, and this would take a significant ammount of space over 1gb no problem and then keep increasing (that's gonna sux for bandwidth). I know it will fit in the SAS drives no problems, dbs are rather small at the time (2.5gb in total) but logs are quite big 5-10gbs in total.
I thought it might be a good idea to purchase another drive. This 4th drive would be 750 and backups would move there , and use the 250 for the /home directory. This would give a lot of room for uploads, and backups accordingly and keep the fast ones for OS and dbs
I was told, however, and understandebly, that a lot of performance would be lost by moving /home to a SATA drive I know SATAS are no way as fast, but then vbulletin can't upload attach files to a folder outside its hirachy (without complicated modifications).
(Note: i didn't specify my resons for wanting such set up)
So I'm in a bit of a pickle. Having the bigger drive would allow me to have the attachments, and should eventually result on more traffic etc to my site. /home currently is only 150mbs big... but then performance is also an issue pitty i couldn't afford the bigger drices at the time [sees the point of renting over buydowns now]
is there a way that /var/log/httpd saves those massive logs on another drive? it would free up 5-10gbs
in shortIs moving /home to a SATA drive from Raid 1 SAS a bad idea? (considering space and purpose)
Could httpd logs or /var/log in general be moved to the backup/another drive?
View 7 Replies
View Related
Apr 16, 2007
Currently I am using rsync to backup directory and mysqldump sql file on both external and internal backup drive
Now the directory has around 100,000 files that hardly change. Only thing that happens in that directory is either the old files are deleted or new files are added. All of them image
Due to some reason when i rsync using any of the two commands below, it transfer each and every file again rather then transferring the new or updated files.
Here is what i am currently using
rsync -avH /old/path /destination/path (this is for internal backup drive)
or
rsync -avz -e ssh /old/path username@username.remoteaddress:/destination/path
why all my files in the directory all uploaded again
View 4 Replies
View Related
Aug 19, 2007
I have a Cpanel box, in WHM I used the "PHP Configuration Editor" and changed the php execution time (minor change). After clicking save I now get the following error on any php using sessions:
Warning: session_start() [function.session-start]: open(/tmp /sess_1d374c43a0f726cd43776f9f92485bec, O_RDWR) failed: No such file or directory (2) in /home/continou/public_html/control/index.php on line 4
One thing I noticed it did was turn on PHPSuexec which generally causes problems for me. I turned that off and the error response changed slightly (to above) but the problem is not solved.
I tried rebooting the server. /tmp does exist, I am now rebuilding apache in hopes that corrects the problem.
View 3 Replies
View Related
Jul 8, 2008
I have read about addon domains but I have still one doubt regarding same. Suppose I have buy two domains which have no any relationship with each other like one is of my family (viralshah3112andfamily.com) and one is for my uncle's business site (xyz.com) . Now if I host them in one account as addon domain, both will have different identity? Means both will have different URL like xyz.com and viralshah3112andfamily.com. Is it so?
View 8 Replies
View Related
Jan 13, 2007
I'm using .htaccess file and mod_auth_mysql for protection of a site, where the old users are in flat passwd file and the new ones are in DB, so i need both the standart .htpasswd check and if the user is not there check in the mysql DB
well here is how currently my htaccess file looks:
------------------------
AuthName "Password Protected Pages"
AuthType Basic
AuthUserFile /home/edited/.htpasswd
<limit GET POST PUT>
require valid-user
</limit>
AuthMySQLAuthoritative Off
AuthName "Members Only"
AuthType Basic
AuthGroupFile /dev/null
AuthMySQLHost domain-removed.com
AuthMySQLDB username-removed
AuthMySQLUser user-removed
AuthMySQLPassword edited
AuthMySQLUserTable members
AuthMySQLNameField username
AuthMySQLPasswordField password
AuthMySQLPwEncryption none
AuthMySQLUserCondition "status=1 AND siteid=2"
require valid-user
----------------
but the site doesn't accept neither the flat passwd file users, neither the ones from the nats DB, it just pop-ups the password dialog box again, whicih means that the password is not accepted
For the users i tested with i double checked that they DO exist in the htpasswd file or in the DB, so its not that
also, cause the site and the DB are on different servers, i have authorised the first one to query the mysql db at the second, so its not from that as well
i have removed the sensitive information (domains, users and passwords from the sample code i pasted here)
so...i'm totally lost here and any directions or ideas will be highly apprecicated
View 0 Replies
View Related
Jan 26, 2009
I am working on a survey about top hosting news website.
View 10 Replies
View Related
Feb 10, 2007
good server setup review sites, such as most optimal setups for mysql driven sites, best value setups and so on.
View 1 Replies
View Related
Oct 1, 2014
I was asked by a user why he only saw a page with 'related links' when he went to the web site. I checked and saw the same thing if I typed www.domain.tld. If I just typed domain.tld, the page displayed fine. In trying different things tonite, I cleared my cache and now neither url works.
I am using Parallels Plesk Panel 11.5.3. If I click the 'Preview' button on the panel, everything looks great. If I click the 'Open' button, I get the 'related links' page.Today, the shcnf.com link seems to be working fine and the 'Open' button in Parallels Plesk Panel works, but the www.shcnf.com link is still showing a 'related links' page.
My DNS settings show:
shcnf.com record type: A value: 198.144.188.31
www.shcnf.com record type: CNAME value: shcnf.com
I do not currently have a preferred domain set in my hosting settings. I tried setting one the other night with no luck, though I was also playing with the DNS settings (I tried setting www.shcnf.com to an A value with the IP, hoping to force it to work).
View 1 Replies
View Related
Aug 13, 2008
As I am going to launch unique product connected with webhosting in the near future, I would like to learn more about the tech aspects of webhosting. By tech aspects I mean for example how to setup nameservers - how they work and how to setup them, SSL, how to setup ftp etc., so, basically I am interested in all the things connected to servers.
Could you please recommend me some guides or books related to webhosting and server management. I am newbie to servers and hosting, so I would like to learn it from the ground. I am searching for some book for beginners, but I cannot find any.
View 3 Replies
View Related
Sep 2, 2013
I think the wrong text is displayed for the option "Remove Domain Alias".
In Plesk 11.5.30 Update #13, in a Webspace, on the Websites & Domains tab, if I click an alias, a window appears for the alias with the option to "Remove Domain Alias". If I move the cursor over the text "Remove Domain Alias", or click on the link, I see a pop-up: Removing this website will also delete all related files, directories, and web applications from the server.
I think this is incorrect because removing an alias should not remove any files, directories, and web applications.
View 3 Replies
View Related
Nov 25, 2014
How to hide from our clients (end users: Plesk customers/resellers) any message related to Apache configuration files failed, like this one:
"Error: Web server configuration for some of your domains may be inconsistent. Please contact server administrator to resolve the problem."
We already see the message within Plesk admin interface, so our customers don't really need to see that, as there's nothing they can do for that.
View 1 Replies
View Related
Jun 17, 2015
I have Plesk 12 panel on Debian 7 server.
When I try to add service to auto start using command:
# update-rc.d nginx defaults
update-rc.d: using dependency based boot sequencing
I got error:
insserv: warning: script 'kavehost' missing LSB tags and overrides
#
View 2 Replies
View Related
Dec 22, 2008
Sometimes my server surcharge load average increase at 60 , and all my configuration are OK
when i type :
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
i have : ...
View 8 Replies
View Related
Dec 21, 2008
I tried to update a plugin at my blog its a wordpress blog, as soon as the update was started that site on the server stopped working, (later on i closed the upgradation window), after few minutes website start working automatically, Now in my opinion I think that update process is still running in background thats why connections are creating continuously to that website IP.
[root@server ~]# netstat -alpn | grep :80 | awk '{print $4}' | cut -d: -f1 |sort |uniq -c
1001 serverIPhere
its even touching 1500, I tried to contact my server support but unfortunately they can investigate the issue, instead they told me to check with the following command.
netstat -plan |grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c
which is not an answer to my question. Can anybody please tell me why those connections are making to that website's IP? I don't think its a Ddos attack, because it was just started when i updated the plugin.
View 10 Replies
View Related
May 19, 2008
Could someone comment on the kind of load a VPS service can handle? If I were to run an HTTP server how many connection/sec would be realistic.
View 3 Replies
View Related
Mar 6, 2007
How many simulteanous connections to the site do alot of webhosting company usually allow with shared hosting packages. I was wondering because4 some companies say pay $$ a month get 300gb of bandwith a month. Can they limit the bandwith by limiting your simulteanous connections? I am asking because I just found out my host only allows 50 per hosting package that is on a shared server. To me that seems to be very little.
View 1 Replies
View Related
Apr 19, 2007
WARNING: One or more of your DNS servers does not accept TCP connections. Although rarely used, TCP connections are occasionally used instead of UDP connections. When firewalls block the TCP DNS connections, it can cause hard-to-diagnose problems. The problem servers are:
Error [No response to TCP packets].
APF is installed on the server, how do I allow TCP DNS connections? I already added port 53 to ingress/egress for TCP and UDP.
View 7 Replies
View Related
Dec 20, 2007
I run this a few times a day:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
and get outputs like (just the bottom here, IPs removed):
8 IP #1
8 IP #2
8 . . .etc
8
9
9
9
9
9
10
10
11
12
13
14
15
18
19
25
26
32
32
91
The server runs gallery2, how many connections does an IP need just to browse the gallery? I'd like to block wget etc, but don't want to hurt search engine optimization (SEO). Is there a compromise, like limiting IPs to 5 connections, so the site still gets crawled, just slower?
DDoS deflate is installed: [url]
which permabans IPs with 150+ connections
Also what are the commands to block and unblock these IPs,
View 2 Replies
View Related
Aug 4, 2006
I am experiencing a strange problem with iptables: after in activate them, they are gone in a few minutes. For example, I drop traffic from an ip and after few seconds, all rules are flushed without touching anything!
View 2 Replies
View Related
Jan 20, 2008
I need to block about 5000 IPs .. Is it possible to add this amount of IPs to iptables?
I mean ... Will this slow down the machine response?
View 7 Replies
View Related
May 24, 2007
What do you prefer or what do you think is better, iptables or apf for a firewall?
View 9 Replies
View Related
Apr 13, 2009
i install csf on centos,
my server is working but the network is unreachable,
i try to run "service iptables stop",
and the server is unreachable now,
i check from whm,it shows csf is working,
but i ssh the server and type "service iptables status",
it shows "firewall is stopped",
is it correct?
is not,how can i fix the issue?
View 11 Replies
View Related
Apr 10, 2009
Is there a way for me to whitelist myself or something?
I get up everyday and have to call LSN because my server has blocked me for some reason...
View 10 Replies
View Related
Feb 4, 2007
If I keep getting spam from a certain IP, can I add that IP to Iptables? Will it stop me receiving spam from that IP? I'm not quite sure how it all works.
Or what is the most effective method to stop spam?
View 14 Replies
View Related
