IPTables Mess

[aseymour]

Hello,

I noticed my server recently upgraded to 11.32.2 (build 18) during that process, it somehow managed to block access to everything through IPTables - after removing the offending rule there are still issues with certain ports still being blocked - I was told it was down to IPTables not being saved correctly (I hadn't modified it in any way and all those rules were from the initial WHM setup). Is there any reason why this would have happened?

Thanks!

 

[JayFromEpic]

Thats very strange. Worst case scenario, you can just do a "iptables -F" and start fresh. Just make sure to "service iptables save" when your done.

 

[aseymour]

Yeah - does WHM rebuild or build IPTables at any point? Say, if I did do iptables -F would WHM build that back up? My concern is it'd remove some rules that have been added.

 

[minosjl]

do you have csf installed on your server ?

 

[aseymour]

I don't believe to have CSF installed.

 

[cPanelTristan]

Hello,

You can check for CSF and/or APF using the following:

whereis csf
whereis apf

As for this happening, did the machine reboot recently? If you've restarted the machine and didn't save any firewall changes during the install process that you might have made, then the initial iptables rules will still be in effect on reboot. I know some people who have added the ports needed, never saved them with "service iptables save" and then months or years later reboot the machine, reloading the original rules. The default RedHat firewall rules do not have the necessary ports opened.

Thanks!

 

[aseymour]

I don't seem to have CSF or APF but it's my understanding that cPanel doesn't actually change/modify IPTables? If this is true, then it's the rules that my host added to the server (server has only been online for 16 days) and didn't save - however, this means that while updating to BUILD 18 either cPanel cleared the rules or restarted the server as SSH was also lost during this. Any insight from people would be greatly appreciated.

Thanks!

 

[JayFromEpic]

cPanel will never touch your iptables for obvious security reasons and everyone's setup is different.

What are you referring to as SSH was lost?

 

[padani]

Hi,

Have you had a word with your server provider? They might be able to help. Cpanel never ever behave like this.

 

[JayFromEpic]

cPanel is designed not to allow this to happen. cPanel does have the ability to make those sort of changes its self without an addon script.