iptables/firewall problem - not staying off!

Discussion in 'General Discussion' started by experthost1, May 10, 2004.

  1. experthost1

    I have a server with cPanel on it, and I've got something really whacky going on (Red Hat 9, btw).

    I added IPs to the server via cPanel, and ever since then whenever I reboot the server it throws up a firewall (iptables) that blocks *everything*!

    I used lokkit to completely turn the firewall off, and even used cfgchecker (or whatever it is) to disable iptables from even starting on any of the run levels - so iptables should never even load up, but yet it still does, and blocks every port.

    Every time I get the guys at the datacenter to shut off iptables, and I think it has something to do with the extra virtual IPs I've got added. When I finally can ssh in, I check and only one IP is bound to the NIC, not all of them. I run /etc/rc.d/init.d/ipaliases start and it loads them up fine.

    Can anyone tell me WHY iptables is still loading up even though I've done everything I can think of to turn it off? Or even better, just a proper config so I can actually use iptables with a cPanel server.

    TIA
     
  2. chirpy

    Are you running APF or some other iptables firewall product?
     
  3. experthost1

    Well, from my knowledge it was just a typical Red Hat 9 installation. Then cPanel was installed, so whatever that added is on there too. I'm not familiar with Red Hat enough to know the various firewall "packages", I just know how to use iptables directly.

    The weird thing is that this only started to happen once I added IPs using cPanel - before that the server never enabled any firewall stuff when it would boot up. It also doesn't make sense that the ipaliases startup script isn't being run on bootup, yet it's configured to start up on the proper runlevels.

    I'll check to see if there are any other firewall packages possibly on the server, but for now my fix will be to issue:

    iptables -t nat -F
    iptables -t filter -F
    iptables -t mangle -F
    iptables -X

    iptables -P INPUT ACCEPT
    iptables -P FORWARD DROP
    iptables -P OUTPUT ACCEPT

    In the rc.local file.
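
Added example, not part of any post in this thread: one way to find out what is loading a ruleset at boot is to list every boot-time script that references iptables, including scripts linked into a runlevel. The function name, the sample tree and the `examplefw` script are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): list boot-time scripts that mention
# iptables, to see what loads a ruleset after the service was switched off.

# Print "file:lineno:line" for every non-comment line that references
# iptables in any file under the given directories.
find_iptables_callers() {
    for dir in "$@"; do
        [ -e "$dir" ] || continue
        # -L follows rcN.d symlinks, so a hit under rc3.d/S* shows the script
        # is actually linked into that runlevel.
        find -L "$dir" -type f | sort | while IFS= read -r f; do
            grep -nE '(^|[^[:alnum:]_])iptables([^[:alnum:]_]|$)' "$f" |
                grep -vE '^[0-9]+:[[:space:]]*#' |
                while IFS= read -r hit; do printf '%s:%s\n' "$f" "$hit"; done || true
        done
    done
}

# Constructed sample tree standing in for /etc/rc.d (all names hypothetical).
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/init.d" "$t/rc3.d"
    printf '%s\n' '#!/bin/sh' '# iptables is not used here' \
        'ifconfig eth0:1 192.0.2.10 up' > "$t/init.d/ipaliases"
    printf '%s\n' '#!/bin/sh' 'IPT=/sbin/iptables' \
        '$IPT -P INPUT DROP' > "$t/init.d/examplefw"
    ln -s ../init.d/examplefw "$t/rc3.d/S09examplefw"
    printf '%s\n' '#!/bin/sh' 'touch /var/lock/subsys/local' \
        'iptables -t filter -F' > "$t/rc.local"
    printf '%s\n' "$t"
}

# Run against the constructed tree so the script works offline.
sample=$(make_sample_tree)
find_iptables_callers "$sample"
rm -rf "$sample"
```

On a real server, call `find_iptables_callers /etc/rc.d` instead of using the sample tree. A script that only uses a variable such as `$IPT` shows up through the line that assigns it.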
     