Iptables Locking Me Out

Mar 2, 2007

[root@server001 root]# iptables --flush
[root@server001 root]# service iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter mangle nat [ OK ]
Unloading iptables modules: [FAILED]
Applying iptables firewall rules: [ OK ]

As soon as I restarted it, I got locked out again. Disabling iptables enables me back in ssh. What can I do to fix this?

View 9 Replies


ADVERTISEMENT

Iptables Locking Up Server

May 10, 2007

I don't know why, but the server locks up daily at different times of the day. I have to reboot, flush iptables and it will happen again hours later.

I don't know what to look for, what logs, etc.

I'm confident it is something within iptables

I have apf/bfd installed and dos deflate as well.

How can I trace this?

Nothing suspicious in /tmp either

View 4 Replies View Related

Locking Ssh Down

Mar 31, 2009

How do I lock SSH down to just my IP range and with a key?

View 7 Replies View Related

Cpanel Locking Up

Jun 26, 2009

Ive been having some issues with my cpanel lately... it seems everytime I add an account via whm or a subdomain via cpanel it locks up when "Restarting Apache"

I have 2 identical servers, 1 runs fine... this one though ive reinstalled apache...multiple times with no results... now im reinstalling cpanel and it seems forzen at 50% and just says

Apache ... ... ... ... for about 100 lines.

View 9 Replies View Related

Locking In Homedir

Feb 28, 2007

i have question about locking in homedir.. i bought few weeks ago debian box, and i need to create shell accounts with locking axx to user home directory.. or block access to other users directory..

chown 701? jail? how to?

View 2 Replies View Related

Locking Users In Their Homedir

Dec 18, 2007

a way to lock users in their directory. E.g. if I host a domain mydomain.com, I need that the owner of this domain can access (read, write, execute via ssh) only the folder www/mydomain.com and nothing else. The solution does not to be a ultrasecure one.

1] adjusting privileges (e.g. deny execute on dirs for the "others") seems a sure way to make the server unfunctional

2] rbash - when I set shell to rbash for a test user, the user can no longer connect to server through winscp

View 9 Replies View Related

[Spam Control] Locking Down A Server

Jul 13, 2008

I have a (dedicated) server out of control. It is managed by a 3rd party company who has never been able to get the spam and server load under control. Loads average over 5! and there is no activity in top other than sendmail and mailscanner (with Ensim).

I turned off mailscanner and sendmail while I typed this and server load went to .08.

I'm going to switch (dedicated) servers to a new provider (for reasons above plus a few others) which will include managed service from the server provider as well.

There are only a few programs that need to run on this server. VBulletin is the main concern.

I want to lock down all mail access. I want vbulletin to be able to send outgoing email as part of its administration and as part of its member notifications.

I don't want ANYONE OUTSIDE THE SERVER to be able to send mail through this server.

One idea I have had is to use DNS to assign all MX records of every domain on the machine to the free gmail service.

I have one domain on this machine (and important domain) that gets thousands and thousands of spam. I assigned its' MX records to NO-IP.com who filters and forwards email to me. That has worked - but server load never budged.

View 1 Replies View Related

High Load With Skip-locking From Whm

Feb 28, 2008

the load of my server is high,

i login whm and check the CPU/Memory/MySQL Usage

User Domain %CPU %MEM MySQL Processes
mysql 3.30 45.97 0.0
Top Process %CPU 1.0 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking
Top Process %CPU 0.7 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking
Top Process %CPU 0.6 /usr/sbin/mysqld --basedir/ --datadir/var/lib/mysql --usermysql --pid-file/var/lib/mysql/hostname.com.pid --skip-locking

the values are higher before,

i want to ask what is skip-locking and if i add skip-locking in my.cnf,

will the problem been improved? and will it take any effect or problem?

View 7 Replies View Related

Thttpd + Apache On Same Machine - Locking

Feb 6, 2008

I'm running apache to serve PHP files on (/home/www/) and thttpd to serve images on (/home/www/images)

thttpd runs on a different IP than apache, apache only listens to its IP.

After doing this, the number of apache processes decreased significantly, however performance has gone down, and apache is starting to crash very frequently (swapping).

Could there be a file-locking issue? Do I have to separate the images folder from the www folder?

View 0 Replies View Related

E-mail Hosting, Google Apps And Domain Locking

May 26, 2008

I've seen that a similar topic was posted earlier today, but I have more specific question. I'm looking for the e-mail only hosting. Requirements:

* dedicated IP
* SMTP + SSL (TLS)
* POP3/IMAP + SSL (TLS)
* up to 10 e-mail addresses from various domains
* forwarders (10 or more)
* 1-5 GB storage
* 10 GB bandwidth
* budget: the less the better, but I'll pay any reasonable amount of money if the service is good. Basically I need to find a provider at which I can keep my e-mail address once and for all. (I need a few e-mails only, a few forwarders, 100 MB storage and 1 GB bandwidth but I stated more so I don't run out on resources)

Is there any significant difference between SSL and TLS or is it all mainly in the proprietary vs open standard?

Is there any good reason why not to use Google Apps for this purpose? I've read that some people are concerned about privacy. Is there any pro that can comment on this (privacy issue) and remain objective?

One last (dumb?) question. What is the purpose of domain locking? Before AuthCodes were introduced I could see the reason for locking domains, but why would anyone want to lock the domain these days? (and yet I see majority still does) I mean, noone can initiate the transfer without providing AuthCode (can he?) and isn't that alone good enough to keep the domain safe? And if someone manages to gain control to the control panel to read AuthCode then he can easily unlock the domain so I see no additional layer of security.

View 5 Replies View Related

After Flush+zero Iptables, Will A New Iptables Ban Work

Jan 5, 2008

I execute the following commands, in the following order:

iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP

will that last command successfully ban that IP until reboot?

If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.

View 2 Replies View Related

Iptables Gone

Aug 4, 2006

I am experiencing a strange problem with iptables: after in activate them, they are gone in a few minutes. For example, I drop traffic from an ip and after few seconds, all rules are flushed without touching anything!

View 2 Replies View Related

How Many IPs Can I Add To IPtables ?

Jan 20, 2008

I need to block about 5000 IPs .. Is it possible to add this amount of IPs to iptables?

I mean ... Will this slow down the machine response?

View 7 Replies View Related

Iptables Or Apf?

May 24, 2007

What do you prefer or what do you think is better, iptables or apf for a firewall?

View 9 Replies View Related

Csf And Iptables

Apr 13, 2009

i install csf on centos,

my server is working but the network is unreachable,

i try to run "service iptables stop",

and the server is unreachable now,

i check from whm,it shows csf is working,

but i ssh the server and type "service iptables status",

it shows "firewall is stopped",

is it correct?

is not,how can i fix the issue?

View 11 Replies View Related

IPTables

Apr 10, 2009

Is there a way for me to whitelist myself or something?

I get up everyday and have to call LSN because my server has blocked me for some reason...

View 10 Replies View Related

Iptables

Feb 4, 2007

If I keep getting spam from a certain IP, can I add that IP to Iptables? Will it stop me receiving spam from that IP? I'm not quite sure how it all works.

Or what is the most effective method to stop spam?

View 14 Replies View Related

IPTables

Sep 21, 2007

I've got two VPS's and both have the same ruleset for outbound EG_TCP

Code:
EGF="1"

EG_TCP_CPORTS="21,25,37,43,53,80,110,113,123,443,873,2089,3306"

EG_UDP_CPORTS="53,465,873,6277"
Whenever I turn EGF to 1 my VPS locks me out of everything, I need togo into hyperVM to turn it off and restart my firewall.

What would cause this?

It's Fedora Core 5 on OpenVZ i've googled and cannot seem to find a reason why it would do that. Could be something in the host node kernel that may need adjusting?

View 2 Replies View Related

Iptables

May 15, 2007

I am working with iptables and am trying to figure out the best ruleset for cpanel servers.

I have a few custom ports for a few services, but other than that, does anyone have a recommended ruleset for the typical cpanel cluster?

View 5 Replies View Related

Iptables

Sep 12, 2007

how can i clear iptables?

i enter many ip in it that most of them is worng and i must clear it

View 2 Replies View Related

Iptables

Oct 29, 2007

Do you find iptables enough or do you use a hardware firewall for linux? I haven't used anything less than hardware firewalls for years but I gather than most simply rely on iptables. Is that a smart choice?

View 6 Replies View Related

IPTables

Mar 25, 2007

I got blocked by my server. Hivelocity helped me to gain access by my server.

I was told that to avoid being blocked again I should type

iptables -A INPUT 202.155.151.185 -j ACCEPT

What I ended up was

iptables -A INPUT 202.155.151.185 -j ACCEPT
Bad argument `202.155.151.185'
Try `iptables -h' or 'iptables --

View 5 Replies View Related

Iptables !

Sep 27, 2007

i have code :

1. IF=`/sbin/route | grep -i 'default' | awk '{print$8}'`
2. IP=`/sbin/ifconfig $IF | grep "inet addr" | awk -F":" '{print$2}' | awk '{print $1}'`
3. IPT="/usr/sbin/iptables"
4. NET="any/0"
5. DNS="xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy"
6. SERV_TCP="22 80 443 "
7. SERV_UDP="53 123"
8. HI_PORTS="1024:65535"
........

i dont know line of 5's sense .I am must changed warrant is what?

View 5 Replies View Related

Iptables

Oct 6, 2007

Code:

# iptables -D INPUT -s 25.55.55.55 -j DROP
iptables v1.3.8: Couldn't load target `standard':/usr/local/lib/iptables/libipt_standard.so: cannot open shared object file: No such file or directory
What is going on? The libipt_standard.so file is located in /lib/iptables, but not /usr/local/lib/iptables. I tried moving all of the libipt files into the /usr/local/lib/iptables directory, but I got segmentation errors.

View 1 Replies View Related

APF & Iptables Not Starting

Nov 7, 2006

I have installed APF on box and set ports for in and out and enabled it.. of course, iptables is running from booting..

[root@localhost /]# runlevel
N 3
[root@localhost /]# chkconfig --list | grep iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@localhost /]# chkconfig --list | grep apf
apf 0:off 1:off 2:off 3:on 4:on 5:on 6:off

but when I check it like this

[root@localhost ~]# service iptables status
Firewall is stopped.
[root@localhost ~]# service iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle filter [ OK ]
Unloading iptables modules: ^[[A [ OK ]
[root@localhost ~]# service iptables status
Firewall is stopped.

it said iptables is stop...even I start manually...

I am not sure APF is running correctly because of iptables..

View 10 Replies View Related

Cannot Load Iptables

Sep 10, 2006

# apf -r
Unable to load iptables module (ip_tables), aborting.

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

# uname -a
Linux servername 2.6.17.9 #1 SMP Sun Aug 27 17:08:11 ICT 2006 i686 athlon i386 GNU/Linux


is there any reason that I cannot use iptables? If I edit monokern option in apf to 1, I cannot use ftp in passive mode

View 14 Replies View Related

Iptables Not Working With CSF

Feb 7, 2008

I have CSF installed on one of our server.

CSF dont ban the IP and if manually it is done I get following error.
----------------
csf -d 195.88.65.47
Adding 195.88.65.47 to csf.deny and iptables DROP...
iptables: Index of insertion too big
DROP all opt -- in !lo out * 195.88.65.47 -> 0.0.0.0/0
Error: iptables command [/sbin/iptables -v -I INPUT 2 -i ! lo -s 195.88.65.47 -j DROP] failed, at line 864
-------------------
Also iptables is not running on server.
If status is checked it says its stopped.

I have many sites on my server I dont want to get any downtime.

Please let us know how can we fix this issue as soon as possible.

I have tried reinstall CSF but still the issue remains same.

View 3 Replies View Related

Flushing Iptables

Sep 16, 2007

I keep trying to flush my iptables on my linux server but every time i try to do so my server seems to freeze (i lose access and have to reboot it for it to come back online), how can I go about deleting those ips manually rather than executing the flushing command? what options do I have?

View 4 Replies View Related

Iptables Don't Start

Jun 4, 2007

root@xxxx[~]# service iptables status
Firewall is stopped.
root@xxxx[~]# service iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
root@xxxx[~]# service iptables status
Firewall is stopped.

why not iptables don't start ?

View 4 Replies View Related

Iptables Do Not Start

Apr 23, 2009

i create a template for xen ( hypervm ) from jailtime site. now i install iptables , but iptables do not work and when i enter " service iptables restart" , iptables do not start. ( i check it from "service iptables status" )

View 4 Replies View Related

Iptables Processing

Apr 23, 2007

I used a script to block some unwanted countries from accessing my site. In total I had about 3000 lines with ipranges. Now I just went ahead and put this on one of the servers, one that I really don't need the traffic on. But I am wondering what kind of affect this may have on the speeds. Will it really affect it more then a few ms? And anything else I should maybe worry about? Except maybe the loading time at reboots.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved