Help - IpTables won't start.

Discussion in 'General Discussion' started by jols, Apr 25, 2006.

  1. jols

    /etc/rc.d/init.d/iptables restart
    Flushing firewall rules: [ OK ]
    Setting chains to policy ACCEPT: mangle filter [ OK ]
    Unloading iptables modules: [ OK ]

    But then I run:

    /etc/rc.d/init.d/iptables status

    ... and I get:

    Firewall is stopped.


    With all the OKs before, seems like it starts up. But I just can't get a status.

    Is there another way to check to see if the firewall is up?
     
  2. abubin

    Try this command: iptables -L

    If it's running, it should list all your iptables rules.
     
  3. jols


    Thanks, I did run that, and saw no rules listed. There should have been plenty as we have apf installed.

    Finally after restarting apf several times, we were able to see the rules, but still getting the:

    /etc/rc.d/init.d/iptables status

    Firewall is stopped.


    Thanks to a tech at EV1 who pointed out that they are now installing RedHat Enterprise 4 (instead of RedHat Enterprise 3) I think I see the problem. Apparently the version of iptables that goes with this is a bit buggy. Or, the older/existing version of iptables no longer works completely well with RedHat Enterprise 4.

    Anyone else run into this one yet?
     
  4. chirpy

    I've never seen that.

    What happens if you run:

    service iptables start
    service iptables status
    iptables -L -n


    If you get:

    Code:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination   
    Then iptables is running just fine and you just need to start APF.

    If it still says that it is stopped, then are you using a stock RHE kernel or a custom one? If a stock kernel, then it could be that the kernel modules are having a problem and a reboot should clear it. If you're using a custom kernel, then you're on your own and need to check that you have all the correct iptables modules installed at compile or load time.
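
One way to answer "is the firewall up?" without relying on the init script's status line, added here as an example that is not part of the original thread: the script parses `iptables -L -n` output and reports whether any rules are actually loaded. The function names and the second sample ruleset are constructed for illustration.

```shell
# Added example: classify `iptables -L -n` output read from stdin.
# Live use (as root): iptables -L -n | ruleset_state

# Print one "CHAIN POLICY RULECOUNT" line per chain.
summarize_ruleset() {
    awk '
        /^Chain / {
            chain = $2
            # Built-in chains show "(policy X)"; user chains show "(N references)".
            policy = ($3 == "(policy") ? $4 : "-"
            sub(/\)$/, "", policy)
            order[++n] = chain; pol[chain] = policy; cnt[chain] = 0
            next
        }
        /^target[ \t]/ || /^[ \t]*$/ { next }   # column header, blank separator
        chain != "" { cnt[chain]++ }             # anything else is a rule line
        END { for (i = 1; i <= n; i++) print order[i], pol[order[i]], cnt[order[i]] }'
}

# Print "no-tables" (no chains), "empty" (chains, zero rules) or "loaded".
ruleset_state() {
    summarize_ruleset | awk '
        { chains++; rules += $3 }
        END { if (chains == 0) print "no-tables"
              else if (rules == 0) print "empty"
              else print "loaded" }'
}

# Output quoted in the thread: ACCEPT policies, no rules.
EMPTY_SAMPLE='Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination'

# Constructed sample of a populated ruleset.
LOADED_SAMPLE='Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination'

printf '%s\n' "$EMPTY_SAMPLE" | ruleset_state
printf '%s\n' "$LOADED_SAMPLE" | summarize_ruleset
```

An "empty" result with ACCEPT policies is the state shown in the listing above: the tables exist, but nothing is filtered until APF loads its rules.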
     