GoWilkes

Well-Known Member
Sep 26, 2006
613
25
168
cPanel Access Level
Root Administrator
I discovered several months ago that none of my users that used Charter internet were unable to access any of my sites. After much poking and prodding, I discovered that the issue was with iptables! Something I had never even heard of until then.

The temporary solution was to disable it using:

Code:
service iptables stop
But whenever I had to reboot the server, I had to remember to run that command again.

Yesterday, I thought I would try to flush iptables in the hopes of permanently fixing the problem. I ran:

Code:
iptables -F
After letting it run for about 10 minutes, I discovered that the server had frozen up. I logged in to my provider's site and issued a soft reboot, but it still didn't come back online. It took about 2 hours of working with a tech there to get it back online, and I'm honestly not sure what s/he did to fix it.

After researching today I now know that /etc/sysconfig/iptables is somehow relevant. Mine is 1.8G in size, which seems quite large, but it was also last updated in March 2016.

Since I run CSF, do I even need iptables?

If not, how do I permanently disable it?

If so, is there a better way to flush it, or to otherwise track down and fix the issue with it blocking Charter?
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,440
1,004
313
cPanel Access Level
Root Administrator
It sounds like you're running CentOS 6, correct?

As @ZenHostingTravis said, CSF is a graphical interface for IPTables, so you won't want to remove one or the other.

If you have a very large /etc/sysconfig/iptables file on the system, that would indicate there are a large number of firewall rules, but 1.8G seems excessive. It's possible that file could be corrupted in same way as well.

You could always check this in WHM >> ConfigServer Security & Firewall. Under the "csf" tab you could use the "View iptables rules" button to see if you can view the rules present in that file, but there may need to be intervention on the command line to see exactly what is going on there.
 
  • Like
Reactions: ZenHostingTravis