The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

iptables rules changes problem

Discussion in 'Security' started by Hadi.Salim, Nov 13, 2015.

  1. Hadi.Salim

    Hadi.Salim Member

    Joined:
    Nov 12, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    yemen
    cPanel Access Level:
    Root Administrator
    ever time i set iptable rule from Bash shell get dispeer when ever the vps restart.

    is there's any why to set it permanent, From cPanel ? or whatever location.
     
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    Are you running a Firewall like CSF along side your IPtables rules ?
     
  3. Hadi.Salim

    Hadi.Salim Member

    Joined:
    Nov 12, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    yemen
    cPanel Access Level:
    Root Administrator
  4. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    have you saved your rules so they load on reboot ??
    cat /etc/sysconfig/iptables


    service iptables save
     
  5. Hadi.Salim

    Hadi.Salim Member

    Joined:
    Nov 12, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    yemen
    cPanel Access Level:
    Root Administrator
    i did but doesn't help...
     
  6. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    last but not least is your iptables set to start on boot
    chkconfig | grep iptables

    if not

    chkconfig iptables on
     
  7. Hadi.Salim

    Hadi.Salim Member

    Joined:
    Nov 12, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    yemen
    cPanel Access Level:
    Root Administrator
    Yes my iptables set to start at boot time. i have checked it.
    im wondering why this happen every time i set rule in iptables get dispeer when the vps restart.Is there's any cPanel script over write my rules ?.
     
  8. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    add a /etc/init.d/iptables restart to your rc.local file likely your server booting faster than than the network is coming up
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    cPanel will not overwrite your custom rules, but I still suggest installing a third-party firewall management utility such as CSF (it's free):

    ConfigServer Security & Firewall

    Thank you.
     
  10. Hadi.Salim

    Hadi.Salim Member

    Joined:
    Nov 12, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    yemen
    cPanel Access Level:
    Root Administrator
    my vps hosted in virtuozzo server. is there's any hard coded script in virtuozzo to overwrite my iptables rules ?
     
  11. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    Negative no script in in virtuozzo to overwrite your rules
     
  12. Hadi.Salim

    Hadi.Salim Member

    Joined:
    Nov 12, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    yemen
    cPanel Access Level:
    Root Administrator
    unfortunately we cant install CSF. due to iptables module missing from our vps. we contact our provider to install the missing module, the said our kernel is static. they cant recompile and patch the kernel for that module. they suggest us to move to dedicate server. and we are not ready too.

    is there's any way to install iptables module with out patching and recompile the kernel ?
     
  13. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    Not if your on openVZ you do not have access you will need XEN, KVM or another full virtualization to add kernel modules

    Note: CSF runs just fine on virtuozzo your host has not taken the time or to set up the node properly in the first place.
    So its not Can't is wont
     
  14. Hadi.Salim

    Hadi.Salim Member

    Joined:
    Nov 12, 2015
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    yemen
    cPanel Access Level:
    Root Administrator
    can i generate module and copy it the vps it will work ?
     
  15. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    you do not have access to the kernel so you cant load kernel modules so No
     
Loading...

Share This Page