The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Firewall rules keep getting changed automatically

Discussion in 'General Discussion' started by joel69, Mar 10, 2006.

  1. joel69

    joel69 Active Member

    Joined:
    Feb 17, 2005
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    East Vancouver, BC, Canada
    Hello. I have setup two cPanel servers so far. On both of them, I have a file called /root/bin/firewall.sh which clears all the IPTables rules out and sets them up the way I like it. However, I log in a few hours later, and I find that a bunch of additional rules are added, which appear to be from the default RedHat firewall. At first, I thought the server had been comprimised, however, I have setup a brand new server with no sites added to it, and discovered this problem still exists.

    Does anybody know if cPanel had a cron job or daemon that automatically tried to add these rules back in? Could it be the 'chkservd' or 'portsentry' services? I have the 'iptables' service disabled in the start up's.

    Thanks.
     
  2. xidica

    xidica Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Texas
    Are you sure the rules you're referencing aren't defined in /etc/sysconfig/iptables ? Do you have apf or BFD installed on the server?
     
Loading...

Share This Page