preventing being locked out from system?

Mo

Active Member
Nov 21, 2001
25
0
301
Is there any sure way of preventing a firewall / iptables from locking up and not allowing anyone access to the server via SSH? I remember a cron script running might help but cant seem to find it?

Any help is appreciated!

cPanel.net Support Ticket Number:
 

haze

Well-Known Member
Dec 21, 2001
1,548
3
318
If you aren't very familiar with iptables you might want to get a script to help you manage it. I use and recommend APF from r-fx.net. You can add your IP to the allow_hosts.rules script which will allow access from your IP.

cPanel.net Support Ticket Number:
 

hostit1

Well-Known Member
Jul 24, 2003
88
0
156
I think I know what you mean. Possibly

Are you running into the problem of creating a firewall rule, applying it, then being locked out?

Create a small sh script with the following:

service iptables start
sleep 10
service iptables stop


chmod it 755

Run it by typing in ./filename

What it will do is start ip tables for 10 seconds, then it will kill the service. If you get locked out, then you know that there is a issue with your rule.
In 10 seconds, you should be able to ssh back into the box and fix the rule. If after you apply then start the iptables service and you don't get locked out, then you can do a service iptables start

This is what i do at least.

Tim