Does Cpanel overwrite iptables?

Discussion in 'General Discussion' started by ciordia9, Oct 11, 2005.

  1. ciordia9

    ciordia9 New Member

    I'm not a neophyte when it comes to iptables, but this behavior has me cross-eyed. I edit my iptables to allow port 8080 availability. I iptables-save it to the /etc/sysconfig/iptables file. Within a day's time my rule is gone from iptables. If I restart the service, it pulls the rules correctly from sysconfig and my port is there... again it disappears.

    I have been hunting through the system for a mechanism which cleans the rules and just can't put my finger on it, but since cPanel is the only culprit I have not had extended experience on, I feel it is something within it. The rest of the services on this CentOS 4 box are just Mambo and Tomcat.

    I've seen others point out this iptables-dropping issue, but all the responses echo back to APF and I don't need APF; I just need these rules to stay and not get pruned during runtime.

    Clues & Comments welcome!

    -a
     
  2. chirpy

    chirpy Super Moderator

    A couple of ideas:

    1. Do you have WHM > Tweak Security > SMTP Tweak enabled? If so, it adds iptables rules to limit who can connect to port 25 and may be the cause.

    2. If you're using an RH derivative OS, have you got the rpm that includes lokkit installed (redhat-config-securitylevel-tui, I think)? If so, you might want to remove it.

    Lastly, you should check that your modifications are indeed being saved to /etc/sysconfig/iptables.
     
  3. ciordia9

    ciordia9 New Member

    Three good ideas to look into, and unfortunately all come up null.

    SMTP Tweaks are not enabled.
    lokkit & derivatives are not installed.
    And yes, /etc/sysconfig/iptables contains the entries that should be there.

    It is so very strange. On a fresh boot, once the system is loaded my iptables changes are not online. I literally have to restart iptables and it auto-loads the /etc/sysconfig/iptables file, but for the life of me I don't know why it's not on-boot. Nor can I fathom what's causing it to revert while running. I've just never witnessed behavior such as this. It's always been more binary: it works, or it doesn't, and for straightforward reasons.

    Any other suggestions?
     
  4. ciordia9

    ciordia9 New Member

    somfabiz..

    Looks like the hosting provider that installed cPanel also installed APF, but I was not aware. This has got to be the culprit. If this doesn't fix it, I'll tag the thread again, but I'm betting APF is controlling the game.

    Thanks for the brainpower.

    -a
     
  5. chirpy

    chirpy Super Moderator

    Aha! If you stop and disable APF, be aware that there's a daily cron job that restarts it in /etc/cron.daily/fw.
     
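The checks discussed in this thread (is the rule really in the saved file, does it survive in the live ruleset, and is a rule-rewriting component such as APF, its /etc/cron.daily/fw job, or lokkit present on the box) as a small diagnostic script. This is an added example, not code from the thread, cPanel or APF; the APF config path and the lokkit binary paths are assumptions.

```sh
#!/bin/sh
# Added diagnostic example (not from the thread). Compares the rule for a port
# in the saved ruleset with the live one and lists rule managers that are known
# to rewrite iptables on their own schedule.

# rule_for_port RULESET PORT: succeed if RULESET (iptables-save text) contains
# an ACCEPT rule for tcp --dport PORT.
rule_for_port() {
    printf '%s\n' "$1" | grep -Eq -e "--dport[[:space:]]+$2([[:space:]]|$).*-j[[:space:]]+ACCEPT"
}

# rule_status SAVED LIVE PORT: prints one of
#   not-in-saved-file  (the edit never reached /etc/sysconfig/iptables)
#   persisted          (saved and live rulesets agree)
#   dropped-at-runtime (saved has it, live lost it: something reloaded the rules)
rule_status() {
    if ! rule_for_port "$1" "$3"; then
        echo not-in-saved-file
    elif rule_for_port "$2" "$3"; then
        echo persisted
    else
        echo dropped-at-runtime
    fi
}

# list_rule_managers [ROOT]: print the known rule-rewriting components present
# under ROOT (defaults to /). /etc/cron.daily/fw is the APF restart job named
# in the thread; the APF config and lokkit paths are assumptions.
list_rule_managers() {
    root=${1:-}
    for f in /etc/apf/conf.apf /etc/cron.daily/fw /usr/sbin/lokkit /usr/bin/lokkit; do
        [ -e "$root$f" ] && echo "$f"
    done
    return 0
}

# Run the checks on a real host: sh diag.sh run 8080
if [ "${1:-}" = run ]; then
    port=${2:-8080}
    saved=$(cat /etc/sysconfig/iptables)
    live=$(iptables-save)
    echo "port $port: $(rule_status "$saved" "$live" "$port")"
    echo "rule managers found:"
    list_rule_managers
fi
```

If the status is dropped-at-runtime and the list is non-empty, the listed component is the first place to look for what reloads the rules.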