Does Cpanel overwrite iptables?

ciordia9

Registered
Oct 11, 2005
I'm not a neophyte when it comes to iptables, but this behavior has me cross-eyed. I edit my iptables to allow port 8080 availability. I iptables-save it to the /etc/sysconfig/iptables file. Within a day's time period my rule is gone from iptables. If I restart the service, it pulls the rules correctly from sysconfig and my port is there... and again it disappears.

I have been hunting through the system for a mechanism which cleans the rules and just can't put my finger on it, but since cPanel is the only culprit I have not had extended experience with, I feel it is something within it. The rest of the services on this CentOS 4 box are just Mambo and Tomcat.

I've seen others point out this iptables-dropping issue but all the responses echo back to APF and I don't need APF, I just need these rules to stay and not get pruned during runtime.

Clues & Comments welcome!

-a
 

chirpy

Well-Known Member
Verified Vendor
Jun 15, 2002
A couple of ideas:

1. Do you have WHM > Tweak Security > SMTP Tweak > enabled? If so, it adds iptables rules to limit who can connect to port 25 and may be the cause

2. If you're using an RH derivative OS, have you got the rpm that includes lokkit installed (redhat-config-securitylevel-tui I think)? If so, you might want to remove it

Lastly, you should check that your modifications are indeed being saved to /etc/sysconfig/iptables
 

ciordia9

Three good ideas to look into, and unfortunately all come up null.

SMTP Tweaks are not enabled.
lokkit & derivatives are not installed
& yes /etc/sysconfig/iptables contains the entries that should be there.

It is so very strange. On a fresh boot, once the system is loaded my iptables changes are not online. I literally have to restart iptables and it auto-loads the /etc/sysconfig/iptables file, but for the life of me I don't know why it's not on-boot. Nor can I fathom what's causing it to revert while running. I've just never witnessed behavior such as this. It's always been more binary: it works, or it doesn't, and for straightforward reasons.

Any other suggestions?
 

ciordia9

somfabiz..

Looks like the hosting provider that installed cpanel also installed apf but I was not aware. This has got to be the culprit. If this doesn't fix I'll tag the thread again but I'm betting apf is controlling the game.

Thanks for the brainpower.

-a
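
Added example, not part of any post in this thread: a small shell check for the symptom discussed above, listing rules that are in the saved `/etc/sysconfig/iptables` file but missing from the running ruleset. The function names and the `--live` switch are made up for this sketch; run from cron, its timestamps narrow down when another tool rewrote the rules.

```shell
#!/bin/sh
# Added example (hypothetical helper names): detect drift between the saved
# iptables file and the ruleset currently loaded in the kernel.

# Print the -A rule lines of an iptables-save style dump ($1), with the
# [packets:bytes] counters and trailing whitespace removed, sorted and unique.
rule_lines() {
    sed -e 's/^\[[0-9]*:[0-9]*\] //' -e 's/[[:space:]]*$//' "$1" |
        grep '^-A' | LC_ALL=C sort -u
}

# Print rules found in the saved dump ($1) but not in the running dump ($2).
# Simplification: rules are compared without their table name, which is
# enough for a single-table (filter) setup like the one in the thread.
missing_rules() {
    saved_tmp=$(mktemp)
    running_tmp=$(mktemp)
    rule_lines "$1" > "$saved_tmp"
    rule_lines "$2" > "$running_tmp"
    LC_ALL=C comm -23 "$saved_tmp" "$running_tmp"
    rm -f "$saved_tmp" "$running_tmp"
}

# Live mode (needs root): compare the saved file against iptables-save output
# and print one timestamped line per rule that has gone missing.
if [ "${1:-}" = "--live" ]; then
    live=$(mktemp)
    iptables-save > "$live"
    missing_rules /etc/sysconfig/iptables "$live" |
        while IFS= read -r rule; do
            echo "$(date '+%Y-%m-%d %H:%M:%S') missing from running ruleset: $rule"
        done
    rm -f "$live"
fi
```

The comparison is textual, so it is reliable when the saved file was itself written by `iptables-save`, as in the first post; hand-written rules may be formatted differently from how the kernel reports them.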