Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Iptables not adding rules - DNSonly

Discussion in 'General Discussion' started by Planky, Jan 19, 2015.

  1. Planky

    Planky Member

    Joined:
    Dec 22, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Have a Centos 5.10 server running DNSonly. I want to change the SSH port to a different number, and update the firewall rules accordingly - however they are not being added

    Code:
    root@ns3 [~]# sudo iptables -A INPUT -p tcp --dport 4535 -j ACCEPT
    root@ns3 [~]# sudo iptables -A OUTPUT -p tcp --sport 4535 -j ACCEPT
    
    No errors are given. However listing the currently active rules does not show the above.

    Code:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    cP-Firewall-1-INPUT  all  --  anywhere             anywhere
    acctboth   all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    cP-Firewall-1-INPUT  all  --  anywhere             anywhere
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    acctboth   all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http
    ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http
    ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http
    ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http
    
    Chain acctboth (2 references)
    target     prot opt source               destination
               tcp  --  ns3.domainname.com      anywhere            tcp dpt:http
               tcp  --  anywhere             ns3.domainname.com     tcp spt:http
               tcp  --  ns3.domainname.com      anywhere            tcp dpt:smtp
               tcp  --  anywhere             ns3.domainname.com     tcp spt:smtp
               tcp  --  ns3.domainname.com      anywhere            tcp dpt:pop3
               tcp  --  anywhere             ns3.domainname.com     tcp spt:pop3
               icmp --  ns3.domainname.com      anywhere
               icmp --  anywhere             ns3.domainname.com
               tcp  --  ns3.domainname.com      anywhere
               tcp  --  anywhere             ns3.domainname.com
               udp  --  ns3.domainname.com      anywhere
               udp  --  anywhere             ns3.domainname.com
               all  --  ns3.domainname.com      anywhere
               all  --  anywhere             ns3.domainname.com
               all  --  anywhere             anywhere
    
    Chain cP-Firewall-1-INPUT (2 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imaps
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:tpcsrvr
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:domain
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:infowave
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:tsrmagt
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:26
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:webcache
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imap
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3s
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:gnunet
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:eli
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nbx-ser
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:urd
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nbx-dir
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:mysql
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:radsec
    ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:domain
    
    
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,884
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    I suggest installing a third-party firewall management utility such as CSF to help manage your firewall rules:

    ConfigServer Security & Firewall

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Planky

    Planky Member

    Joined:
    Dec 22, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Done, is working now thank you
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,884
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    I am happy to see that resolved the issue. Thank you for updating us with the outcome.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice