Iptables not adding rules - DNSonly

Planky

Member
Dec 22, 2014
19
0
1
cPanel Access Level
Root Administrator
Have a Centos 5.10 server running DNSonly. I want to change the SSH port to a different number, and update the firewall rules accordingly - however they are not being added

Code:
[email protected] [~]# sudo iptables -A INPUT -p tcp --dport 4535 -j ACCEPT
[email protected] [~]# sudo iptables -A OUTPUT -p tcp --sport 4535 -j ACCEPT
No errors are given. However listing the currently active rules does not show the above.

Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
cP-Firewall-1-INPUT  all  --  anywhere             anywhere
acctboth   all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:soap-http

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
cP-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
acctboth   all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http
ACCEPT     tcp  --  anywhere             anywhere            tcp spt:soap-http

Chain acctboth (2 references)
target     prot opt source               destination
           tcp  --  ns3.domainname.com      anywhere            tcp dpt:http
           tcp  --  anywhere             ns3.domainname.com     tcp spt:http
           tcp  --  ns3.domainname.com      anywhere            tcp dpt:smtp
           tcp  --  anywhere             ns3.domainname.com     tcp spt:smtp
           tcp  --  ns3.domainname.com      anywhere            tcp dpt:pop3
           tcp  --  anywhere             ns3.domainname.com     tcp spt:pop3
           icmp --  ns3.domainname.com      anywhere
           icmp --  anywhere             ns3.domainname.com
           tcp  --  ns3.domainname.com      anywhere
           tcp  --  anywhere             ns3.domainname.com
           udp  --  ns3.domainname.com      anywhere
           udp  --  anywhere             ns3.domainname.com
           all  --  ns3.domainname.com      anywhere
           all  --  anywhere             ns3.domainname.com
           all  --  anywhere             anywhere

Chain cP-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imaps
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:tpcsrvr
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:infowave
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:tsrmagt
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:26
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:webcache
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:imap
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3s
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:gnunet
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:eli
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nbx-ser
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:urd
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nbx-dir
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:mysql
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:radsec
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:domain
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,202
363
I am happy to see that resolved the issue. Thank you for updating us with the outcome.