Connection State ESTABLISHED,RELATED Is Not Working In My Iptables
Nov 13, 2008
Connection state ESTABLISHED,RELATED is not working in my iptables...?
Accept If input interface is lo
Accept If state of connection is ESTABLISHED,RELATED
Drop If protocol is ICMP
Accept If protocol is TCP and destination port is 80
Accept If protocol is TCP and destination port is 99
Accept If protocol is TCP and destination port is 25
Accept If protocol is TCP and destination port is 110
Accept If protocol is TCP and destination port is 10000
Accept If protocol is TCP and destination port is 21
Accept If protocol is TCP and destination port is 30000:30500
Accept If protocol is UDP and destination port is 53
Accept If protocol is UDP and source port is 53
Accept If protocol is TCP and destination port is 445
Accept If protocol is TCP and destination port is 2390
These are my incoming packet rules.
Outgoing packets are all accepted.
So if I made a connection from the server, the input rules should accept them because it is an established and related connection. But it won't work. Any ideas about it?
My VPS is running on CentOS 5.2 Final,
and the control panel is Webmin.
Apr 11, 2009
I've got a vps running centos 5.3 on an openvz platform. I've been using a simple set of iptables rules but recently the host moved me to a new server and I'm having issues with my firewall. I'm pretty sure it's the firewall since if I stop iptables or flush the rules everything works properly.
my rules:
Code:
#!/usr/bin/env iptables-restore
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport ssh -j ACCEPT
The last rule continues with all the other used protocols (pop3/dns/http/etc)
The problem is that incoming connections which should be allowed by the RELATED,ESTABLISHED rule aren't permitted. If I use wget, ftp, ping, or dig from my shell they all report a timeout. For example, dig w3.org gives no server reachable. If I capture all DNS requests with tcpdump I see the outgoing request to DNS and I see the incoming data, but dig still reports a timeout. Since tcpdump sits before iptables and I have no output filtering, it seems that my input filter isn't seeing the related/established state of dig and allowing the results in.
But, what's the solution? Do I need to ask the vps provider for something specific? If so what?
Or is there a better way to write my iptables rules to compensate for this problem?
Apr 25, 2007
I would like to set up a rule through iptables or something that will let me set it so that only one IP can have XX connections per minute/hour or whatever time is set,
or something that will ban IPs that are opening massive connections, kind of like this ...
Feb 7, 2008
I have CSF installed on one of our servers.
CSF doesn't ban the IP, and if it is done manually I get the following error.
----------------
csf -d 195.88.65.47
Adding 195.88.65.47 to csf.deny and iptables DROP...
iptables: Index of insertion too big
DROP all opt -- in !lo out * 195.88.65.47 -> 0.0.0.0/0
Error: iptables command [/sbin/iptables -v -I INPUT 2 -i ! lo -s 195.88.65.47 -j DROP] failed, at line 864
-------------------
Also, iptables is not running on the server.
If the status is checked, it says it's stopped.
I have many sites on my server and I don't want to get any downtime.
Please let us know how we can fix this issue as soon as possible.
I have tried reinstalling CSF but the issue still remains the same.
Aug 5, 2008
After I start iptables:
service iptables start
There is not any message coming up.
When I use
service iptables status
it said:
iptables: Firewall is not running.
My OS is Fedora Core 6.
Apr 25, 2008
I use
iptables -I INPUT -s 60.216.238.212 -j DROP
to block an IP, but it is not working.
After issuing
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
I can still see
87 218.86.252.158
163 219.150.191.62
301 60.216.238.212
60.216.238.212 still has 301 connections. Any idea?
Basically, I use ddos-deflate to block DDoS attacks.
I already set the max connections to 25.
But it seems not to be working.
All the connections over 25 have not been blocked.
Did I miss something?
I mean, after I issue
iptables -I INPUT -s 60.216.238.212 -j DROP
do I need to do something like refresh iptables?
Feb 13, 2015
I temporarily enabled and activated Plesk firewall module (which I wish I didn't the first time) and for some reason it seems to have overwritten the default iptables configuration that was set, leaving my ftp unable to be logged into. I tried to disable the firewall module and reboot the server. It didn't work.
I also noticed that it somehow seems to have changed my hostname to my previous server hostname as well.
Is there any way to completely revert back to original iptables settings before enabling the Firewall module?
May 28, 2009
I had a small question about ODBC. I created a new connection to a MySQL database with the 'ODBC Data Source Administrator' on my Win 2008 / IIS 7 webserver.
In this administration panel the ODBC data source works just fine. When I fill in the required values I receive the list of available databases and pressing the "test" button results in a successful connection.
But when I want to use this connection in other software, a C++ application and a PHP application, they supply me with errors "Couldn't connect to database", etc.
So the ODBC connection is correct (so are the credentials in the software, I am 100% sure of that), but software can't use the connection. Because the software worked perfectly on an older server, I think I'm missing out on some sort of setting which enables applications to use the connection (or something like that).
Jul 9, 2008
I have been having great trouble sending mails from my local Thunderbird/Windows client to my Debian/Exim-server via TLS/SMTP.
I am no expert on TLS and SMTP, but I managed to create a server certificate and set up a secure (TLS) connection more than a year ago, and it has been working fine until it suddenly stopped working a couple of weeks ago.
Sending to external addresses from web pages still works fine; the problem seems to be in the SMTP connection. If I try to "telnet xxx.xxx.xxx.xxx 25" I get no reply whatsoever (it seems to connect but it just gives me a blank screen with a blinking cursor) and I am wondering if there is a firewall issue or if I am simply not running the right daemon to listen for incoming SMTP connections...
POP continues to work fine with teapop/stunnel enabled.
I am running Exim 4.63-17 on Debian Etch. I configured Exim to be of the type "internet site; mail is sent and received directly using SMTP"
==============================
Firewall shouldn't be a problem (?):
debian:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
==============================
I really don't know what to do. I have tried running:
tail -f /var/log/daemon.log
Which responds when I access my mail using POP but not when I try to send using SMTP.
Oct 12, 2009
I would like to discuss new companies which have just taken their first steps into the hosting business.
I know many of the people here and everywhere believe that only established companies with a nice price tag of almost around $5 per month for the smallest web hosting plan can give you the best support and uptime. No doubt they can give you nice uptime, but what about the support... leaving aside some companies, all the other big and established ones do not offer you what you should actually get.
Companies with a huge customer base receive a large number of hosting support requests from their customers daily which they cannot fulfill on time, thus resulting in delay and sometimes inconvenience to the customer.
Whereas, on the other hand, new companies or mid-level companies that have just arrived or have been in the industry for a few months are much better than them.
A solid reason to support this is that if they want to be in this industry they will surely provide the best support and uptime and industry-leading software and products to their clients for a very low price compared to the other big ones.
Now the point to be noted is that people don't believe in new companies just because they are new... I don't understand the reason why people have a mentality of treating OLD IS GOLD....
When new companies, just to establish themselves in this market, are offering tons of services for a much lower price than what the other big ones do, then why do people think they are going to fall down... They too have their business plans set up, or else they wouldn't advertise on different forums and waste their precious time in which they could have done many other jobs....
I know this is a never-ending topic, but you surely need to broaden your thinking and start thinking about this second phase of the hosting industry...
With my article I surely can't change the mentality of too many people, but I surely can start a step ahead of others to let people think about this....
Hope I can scratch some great minds with my writing and they can comment with some great ideas and pros and cons...
May 5, 2015
For some reason FTPS is no longer working as it used to before Plesk upgraded. At this point, I am not sure which Plesk upgrade caused this since I do not use FTPS or FTP in general often. It's enabled as it was before; I even disabled and re-enabled it again. It still gives a "could not establish connection". I restarted the service via the command line with "service xinetd restart". It still isn't working...
Jan 5, 2008
I execute the following commands, in the following order:
iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP
Will that last command successfully ban that IP until reboot?
If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.
Jun 15, 2008
I'm sure by now we have all noticed the Liquid Web ads for solid state drives. These offerings would make for incredible database servers, among other things. My question is:
How many of you are going to run out and get a solution like this, from liquidweb or anyone else? Why or why not?
Jun 28, 2009
Can a domain have two sets of users.... let me explain the situation.
mydomain.com has a set of users which have admins etc. etc.
Can I have sub.mydomain.com with the same set of users, with a different admin and restricted access to a certain level?
Sep 25, 2008
1- What does it mean that a site has an IP? What will differ if the site has an IP?
2- What is the importance of IPs for every site? I mean, now I'm running shared hosting. Should each site have its dedicated IP? And is it dangerous to make all clients have the same IP?
3- I got 5 IPs with my server. How can I assign a DEDICATED IP for my main site, and then assign the next 2 IPs for my main site name servers, and finally assign the rest of the IPs for resellers?
4- In the domaintools whois service, under the Server Data category, sometimes I find:
Dedicated Hosting: domain.com is hosted on a dedicated server.
What does this mean, and how can I make my domain look like this, because it's already hosted on a dedicated server?
5- When I asked my server company about extra IPs, they told me:
"for smaller allocations its $1 per ip, we also require full ARIN IP justification." So, what's ARIN IP justification?
Aug 17, 2007
I found in the Virtuozzo VPS logs that the system turns locked and mounted, and I believe the system becomes unresponsive at the same time.
Here is the sequence of the status that can be found in the VPS status changes:
RUNNING--->MOUNTED--->(LOCKED)-->(LOCKED, MOUNTED)-->(LOCKED, RUNNING)-->(LOCKED)-RUNNING
Code:
VPS STATUS LOGS:
Aug 17, 2007 01:06:16 PM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 17, 2007 01:06:10 PM VPS is locked at the moment. It may take some time.(locked,mounted) VPS is locked at the moment. It may take some time.(locked,running)
Aug 17, 2007 01:06:04 PM VPS is mounted now. It is not running and some operations are not available.mounted VPS is locked at the moment. It may take some time.(locked)
Aug 17, 2007 01:05:49 PM VPS is up and running now.running VPS is mounted now. It is not running and some operations are not available.mounted
Aug 17, 2007 12:46:10 PM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 17, 2007 12:46:04 PM VPS is mounted now. It is not running and some operations are not available.mounted VPS is locked at the moment. It may take some time.(locked)
Aug 17, 2007 12:45:16 PM VPS is up and running now.running VPS is mounted now. It is not running and some operations are not available.mounted
Aug 17, 2007 09:37:13 AM VPS is starting up at the moment. It may take some time.(starting) VPS is up and running now.running
Aug 17, 2007 09:37:10 AM VPS is stopping now. It may take some time.(stopping) VPS is starting up at the moment. It may take some time.(starting)
Aug 17, 2007 09:36:52 AM VPS is up and running now.running VPS is stopping now. It may take some time.(stopping)
Aug 17, 2007 08:51:46 AM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 17, 2007 08:51:25 AM VPS is up and running now.running VPS is locked at the moment. It may take some time.(locked)
Aug 16, 2007 03:00:18 PM VPS is locked at the moment. It may take some time.(locked) VPS is up and running now.running
Aug 16, 2007 03:00:03 PM VPS is mounted now. It is not running and some operations are not available.mounted VPS is locked at the moment. It may take some time.(locked)
Aug 16, 2007 02:59:39 PM VPS is up and running now.running VPS is mounted now. It is not running and some operations are not available.mounted
Also, I'm receiving emails saying ftpd, exim, cpsrvd failed when that happens:
Code:
ftpd failed @ Fri Aug 17 09:37:26 2007. A restart was attempted
automagically.
Jan 8, 2007
Explain to me the state table parameters when you run top?
sbwait lockf select
I could find info about them in MAN
Dec 26, 2007
Did anyone see that anywhere?
Dec 22, 2007
Is there anywhere I can find that out?
We're setting up a new facility there and some quoted me $10/amps, some quoted me up to $15/amps.
Jun 8, 2009
I'm interested in making a site which would stream video game (RPG) audio to users through flash. I have long searched for a service that I could use to listen to that odd track from final fantasy 8 for example (and not some cheap midi) without going through hundreds of links etc. So I'm thinking of making one myself.
I know there are sites that host mass video game mp3s (gh.ffshrine.org) and also remix and host video game music (ocremix.org) but I don't know if what they are doing is OK by normal hosting standards.
if it is, <snipped>.
Apr 23, 2008
I have a question regarding hard drives and performance etc... I only use it for forums and currently there is only one site (hopefully a couple more in no time).
Currently I have 2x36gb SAS in RAID 1, obviously containing everything including DBs and /home, and a third 250gb drive for backups only ^^ Ronny did an excellent job setting this up.
Anyway, my problem is that I want to allow some attachments on my forums, and this would take a significant amount of space, over 1gb no problem, and then keep increasing (that's gonna sux for bandwidth). I know it will fit on the SAS drives no problem; DBs are rather small at the moment (2.5gb in total) but logs are quite big, 5-10gbs in total.
I thought it might be a good idea to purchase another drive. This 4th drive would be 750 and backups would move there, and I would use the 250 for the /home directory. This would give a lot of room for uploads and backups accordingly, and keep the fast ones for the OS and DBs.
I was told, however, and understandably, that a lot of performance would be lost by moving /home to a SATA drive. I know SATAs are nowhere near as fast, but then vBulletin can't upload attached files to a folder outside its hierarchy (without complicated modifications).
(Note: I didn't specify my reasons for wanting such a setup.)
So I'm in a bit of a pickle. Having the bigger drive would allow me to have the attachments, and should eventually result in more traffic etc. to my site. /home currently is only 150mbs big... but then performance is also an issue. Pity I couldn't afford the bigger drives at the time [sees the point of renting over buydowns now].
Is there a way for /var/log/httpd to save those massive logs on another drive? It would free up 5-10gbs.
In short: Is moving /home to a SATA drive from RAID 1 SAS a bad idea? (considering space and purpose)
Could httpd logs or /var/log in general be moved to the backup/another drive?
Apr 16, 2007
Currently I am using rsync to back up a directory and a mysqldump SQL file on both an external and an internal backup drive.
Now the directory has around 100,000 files that hardly change. The only thing that happens in that directory is that either the old files are deleted or new files are added. All of them are images.
For some reason, when I rsync using either of the two commands below, it transfers each and every file again rather than transferring only the new or updated files.
Here is what I am currently using:
rsync -avH /old/path /destination/path (this is for internal backup drive)
or
rsync -avz -e ssh /old/path username@username.remoteaddress:/destination/path
Why are all my files in the directory uploaded again?
Aug 19, 2007
I have a cPanel box. In WHM I used the "PHP Configuration Editor" and changed the PHP execution time (minor change). After clicking save I now get the following error on any PHP using sessions:
Warning: session_start() [function.session-start]: open(/tmp /sess_1d374c43a0f726cd43776f9f92485bec, O_RDWR) failed: No such file or directory (2) in /home/continou/public_html/control/index.php on line 4
One thing I noticed it did was turn on PHPSuexec which generally causes problems for me. I turned that off and the error response changed slightly (to above) but the problem is not solved.
I tried rebooting the server. /tmp does exist, I am now rebuilding apache in hopes that corrects the problem.
Aug 18, 2008
When I log in as root on the server and go to the MySQL process list, I see a lot of processes that are connected to photo handling, and the state is Locked with over 500 seconds on each one.
I see there is one process where the state says: Copying to tmp table
I read online that if this is taking long it might lock up other queries, causing your server to perform slowly, and the only solution is to restart the MySQL servers.
Right now I have over 100 queries that say Locked and one that says Copying to tmp table.... Each time I have to restart the MySQL services, but this happens every 10 minutes as I have enough traffic to cause this problem.
Aug 2, 2013
I have Apache 2.4.6 x64 installation. With the lapse of time, more and more threads appear that are stuck in "L" state.
They are all gone after httpd restart, leaving 408 errors in access logs. What can be the reason?
Can mod_log_rotate be involved? Currently it's set to rotate every 2 days.
Jul 8, 2008
I have read about addon domains but I still have one doubt regarding them. Suppose I have bought two domains which have no relationship with each other, like one is for my family (viralshah3112andfamily.com) and one is for my uncle's business site (xyz.com). Now if I host them in one account as addon domains, will both have a different identity? Meaning both will have different URLs like xyz.com and viralshah3112andfamily.com. Is it so?
Jan 13, 2007
I'm using a .htaccess file and mod_auth_mysql for protection of a site, where the old users are in a flat passwd file and the new ones are in a DB, so I need both the standard .htpasswd check and, if the user is not there, a check in the MySQL DB.
Well, here is how my htaccess file currently looks:
------------------------
AuthName "Password Protected Pages"
AuthType Basic
AuthUserFile /home/edited/.htpasswd
<limit GET POST PUT>
require valid-user
</limit>
AuthMySQLAuthoritative Off
AuthName "Members Only"
AuthType Basic
AuthGroupFile /dev/null
AuthMySQLHost domain-removed.com
AuthMySQLDB username-removed
AuthMySQLUser user-removed
AuthMySQLPassword edited
AuthMySQLUserTable members
AuthMySQLNameField username
AuthMySQLPasswordField password
AuthMySQLPwEncryption none
AuthMySQLUserCondition "status=1 AND siteid=2"
require valid-user
----------------
But the site accepts neither the flat passwd file users nor the ones from the nats DB; it just pops up the password dialog box again, which means that the password is not accepted.
For the users I tested with, I double-checked that they DO exist in the htpasswd file or in the DB, so it's not that.
Also, because the site and the DB are on different servers, I have authorised the first one to query the MySQL DB on the second, so it's not that either.
I have removed the sensitive information (domains, users and passwords) from the sample code I pasted here.
So... I'm totally lost here and any directions or ideas will be highly appreciated.
Mar 15, 2008
I want to start a real estate portal, but I have some questions about what kind of server I will need.
So my real estate portal will have:
PHP/SQL databases (for all the information)
Up to 20000 images (50kb each)
Up to 500 videos (encoded in FLV, 400kbps at full screen)
Visitors / month: 100000
Assuming that every user that enters the site views many houses, videos and photos.
What kind of server or servers will I need to keep this website running?
Apr 7, 2008
I have an FTP server (pure-ftp) with a firewall.
I allowed ports 20 and 21 in the "CSF" firewall.
Now when I or our clients connect to the server, the connection is made,
and then when they run the dir or ls command they receive the error
"425 Could not open data connection to port 2535: Connection timed out"
What is the problem? I have already allowed passive ports 2500:3500, so why do I receive this type of error?
Jan 26, 2009
I am working on a survey about top hosting news website.