Run Iptables --flush And Down Server

Aug 15, 2007

When I run iptables --flush, my server goes fully down and must be restarted.


After Flush+zero Iptables, Will A New Iptables Ban Work

Jan 5, 2008

I execute the following commands, in the following order:

iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP

Will that last command successfully ban that IP until reboot?

If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.


I Have To Flush Iptables On Every Reboot

Jun 27, 2007

I'm running CentOS 4.4 32 bit.

At the moment every time I reboot my server I have to execute:
# iptables --flush
# iptables --zero

just to be able to access the server. (Though it does allow SSH to access before executing those).

And I figured out that I must do something to /etc/sysconfig/iptables to permanently be able to access the server without those commands after reboot. Right?

Below is the file's contents:

# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

What do I need to do?


Flush CSF (csf.deny)

May 15, 2008

How can I flush CSF blocked IPs? (csf.deny)


Flush CPHulk Database

Apr 25, 2009

Do you know how to flush out the cPHulk database weekly? I don't know how I can set up a cron for that. This is because the expiration of brute force lasts for 2 weeks, which is too long for the clients.


Failed To Flush Buffer

May 28, 2008

I'm getting this on my VPS:

Notice: ob_flush() [ref.outcontrol]: failed to flush buffer. No buffer to flush. in /home/.../download_ip.php on line 215

What is causing this? Memory Limit in PHP? or something else?


Flush Cache On CentOS

Jun 15, 2007

How do I flush the cache on CentOS, cache and buffer or either one?

In the top command I see a lot of RAM in cache and I want to flush the cache.

How do I do that? Any commands?


Mysql: Schedule Flush Query Cache

Dec 5, 2007

I want to run flush query cache, say once a week. Is there any way to schedule it, so the system can do it automatically? Currently, I have to log in to the server and run it manually.


Iptables Locking Up Server

May 10, 2007

I don't know why, but the server locks up daily at different times of the day. I have to reboot, flush iptables and it will happen again hours later.

I don't know what to look for, what logs, etc.

I'm confident it is something within iptables.

I have apf/bfd installed and dos deflate as well.

How can I trace this?

Nothing suspicious in /tmp either.


Securing Server - Iptables Or APF

Jul 11, 2007

way to secure a server? I have iptables on my box but haven't seen any scripts which I can base my config on.

I have seen that APF seems to be popular, and from the scripts it seems quite simple to set up.

I'm not afraid of iptables per se, but I would like a script on which to base a config for cPanel. Do any exist?

I also like the simplicity of APF, but I am currently running static NAT on iptables and wish to maintain this functionality; the server is used as a VPN gateway.

Any ideas or links to base configuration scripts that would be suitable and maintain my static NAT? Are there any checklists which I could go against to ensure everything is secure?


SSH Access To My Server Only From IP Address IPtables

May 7, 2009

My question:

I have a server with CentOS and WHM cPanel. In the last few days I have read in the SSH log files (security) many failed logins from many IP addresses.

I read some about iptables, and every time I read an IP in the log I block this IP with iptables, but this seems a bad and boring experience every day.

So does anyone know the exact command for iptables to have access to my SSH ONLY from my IP address?

My IP address is static and I want only that IP to have access to the server and no one else from a different IP.


Server Ban Me, How2find If Iptables, Apf, Mod_security, Suhosin

Apr 17, 2009

My server bans me sometimes while I am surfing on one of my websites (mostly Drupal, Joomla, WordPress). Sometimes it happens on the first visit, sometimes later. I couldn't find the reason. Sometimes I also cannot create an SSH connection after the ban. But ping is answered after the ban.

Which path/logs should I analyze to find it? I tried with grep but couldn't find it:

grep -iR 'my.old.ip' /var/log ... /etc/apf ... /usr/local/apache/...

I think mod_security and suhosin cannot block SSH, so iptables, lokkit or APF must be the one preventing it here.

Where are the logs of iptables and APF? Or how can I find the reason?


Plesk Automation :: PPA Install On Infrastructure Running Parallels Cloud Server - IPTables / Firewall

Apr 9, 2014

I'm in the process of installing PPA on infrastructure running Parallels Cloud Server. Each container has 2 interfaces, one public facing and a private interface for inter-server communication.

No problems installing PPA 11.5 (specifying IP's on commandline) or adding service nodes however, the firewall rules the documentation speaks of are nowhere to be seen? i.e.:

Important: After the installation, PPA creates the special firewall chain PPA-SN-Rules-INPUT used for communication with service nodes. Do not change it, otherwise, you will not be able to add service nodes to PPA.

Has this been dropped from PPA 11.5 ? (I recall seeing the firewall settings in 11.1) There is also no sign of the ppa.firewall tool that is also mentioned.

The only rule I see inserted is for Postgres on the management node, and 2 for pleskd on all of the nodes (open to world!).


Iptables Gone

Aug 4, 2006

I am experiencing a strange problem with iptables: after I activate them, they are gone in a few minutes. For example, I drop traffic from an IP and after a few seconds, all rules are flushed without touching anything!


How Many IPs Can I Add To IPtables ?

Jan 20, 2008

I need to block about 5000 IPs .. Is it possible to add this amount of IPs to iptables?

I mean ... Will this slow down the machine response?


Iptables Or Apf?

May 24, 2007

What do you prefer or what do you think is better, iptables or apf for a firewall?


Csf And Iptables

Apr 13, 2009

I installed CSF on CentOS.

My server is working but the network is unreachable.

I tried to run "service iptables stop",

and the server is unreachable now.

I checked from WHM, and it shows CSF is working,

but when I SSH to the server and type "service iptables status",

it shows "firewall is stopped".

Is that correct?

If not, how can I fix the issue?


IPTables

Apr 10, 2009

Is there a way for me to whitelist myself or something?

I get up everyday and have to call LSN because my server has blocked me for some reason...


Iptables

Feb 4, 2007

If I keep getting spam from a certain IP, can I add that IP to Iptables? Will it stop me receiving spam from that IP? I'm not quite sure how it all works.

Or what is the most effective method to stop spam?


IPTables

Sep 21, 2007

I've got two VPS's and both have the same ruleset for outbound EG_TCP

Code:
EGF="1"

EG_TCP_CPORTS="21,25,37,43,53,80,110,113,123,443,873,2089,3306"

EG_UDP_CPORTS="53,465,873,6277"

Whenever I turn EGF to 1 my VPS locks me out of everything; I need to go into HyperVM to turn it off and restart my firewall.

What would cause this?

It's Fedora Core 5 on OpenVZ. I've googled and cannot seem to find a reason why it would do that. Could it be something in the host node kernel that may need adjusting?


Iptables

May 15, 2007

I am working with iptables and am trying to figure out the best ruleset for cpanel servers.

I have a few custom ports for a few services, but other than that, does anyone have a recommended ruleset for the typical cpanel cluster?


Iptables

Sep 12, 2007

How can I clear iptables?

I entered many IPs in it, most of which are wrong, and I must clear it.


Iptables

Oct 29, 2007

Do you find iptables enough or do you use a hardware firewall for Linux? I haven't used anything less than hardware firewalls for years but I gather that most simply rely on iptables. Is that a smart choice?


IPTables

Mar 25, 2007

I got blocked by my server. Hivelocity helped me to gain access to my server.

I was told that to avoid being blocked again I should type

iptables -A INPUT 202.155.151.185 -j ACCEPT

What I ended up was

iptables -A INPUT 202.155.151.185 -j ACCEPT
Bad argument `202.155.151.185'
Try `iptables -h' or 'iptables --


Iptables !

Sep 27, 2007

I have this code:

1. IF=`/sbin/route | grep -i 'default' | awk '{print$8}'`
2. IP=`/sbin/ifconfig $IF | grep "inet addr" | awk -F":" '{print$2}' | awk '{print $1}'`
3. IPT="/usr/sbin/iptables"
4. NET="any/0"
5. DNS="xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy"
6. SERV_TCP="22 80 443 "
7. SERV_UDP="53 123"
8. HI_PORTS="1024:65535"
........

I don't know the sense of line 5. What is it that I must change?


Iptables

Oct 6, 2007

Code:

# iptables -D INPUT -s 25.55.55.55 -j DROP
iptables v1.3.8: Couldn't load target `standard':/usr/local/lib/iptables/libipt_standard.so: cannot open shared object file: No such file or directory

What is going on? The libipt_standard.so file is located in /lib/iptables, but not /usr/local/lib/iptables. I tried moving all of the libipt files into the /usr/local/lib/iptables directory, but I got segmentation errors.


APF & Iptables Not Starting

Nov 7, 2006

I have installed APF on box and set ports for in and out and enabled it.. of course, iptables is running from booting..

[root@localhost /]# runlevel
N 3
[root@localhost /]# chkconfig --list | grep iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@localhost /]# chkconfig --list | grep apf
apf 0:off 1:off 2:off 3:on 4:on 5:on 6:off

but when I check it like this

[root@localhost ~]# service iptables status
Firewall is stopped.
[root@localhost ~]# service iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle filter [ OK ]
Unloading iptables modules: ^[[A [ OK ]
[root@localhost ~]# service iptables status
Firewall is stopped.

It says iptables is stopped... even when I start it manually...

I am not sure APF is running correctly because of iptables.


Cannot Load Iptables

Sep 10, 2006

# apf -r
Unable to load iptables module (ip_tables), aborting.

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

# uname -a
Linux servername 2.6.17.9 #1 SMP Sun Aug 27 17:08:11 ICT 2006 i686 athlon i386 GNU/Linux


Is there any reason that I cannot use iptables? If I edit the monokern option in apf to 1, I cannot use FTP in passive mode.


Iptables Not Working With CSF

Feb 7, 2008

I have CSF installed on one of our servers.

CSF doesn't ban the IP, and if it is done manually I get the following error.
----------------
csf -d 195.88.65.47
Adding 195.88.65.47 to csf.deny and iptables DROP...
iptables: Index of insertion too big
DROP all opt -- in !lo out * 195.88.65.47 -> 0.0.0.0/0
Error: iptables command [/sbin/iptables -v -I INPUT 2 -i ! lo -s 195.88.65.47 -j DROP] failed, at line 864
-------------------
Also iptables is not running on the server.
If the status is checked it says it's stopped.

I have many sites on my server and I don't want to get any downtime.

Please let us know how we can fix this issue as soon as possible.

I have tried reinstalling CSF but the issue still remains the same.


Flushing Iptables

Sep 16, 2007

I keep trying to flush my iptables on my Linux server, but every time I try to do so my server seems to freeze (I lose access and have to reboot it for it to come back online). How can I go about deleting those IPs manually rather than executing the flushing command? What options do I have?
