I have a vps openvz centos 6.9. My vps provider restart vps. After that My custom iptables rules not loading from this file (/etc/sysconfig/iptables). I run iptables -S and see only default rules of vps.
Code: Select all
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N AS0_ACCEPT
-N AS0_IN
-N AS0_IN_NAT
-N AS0_IN_POST
-N AS0_IN_PRE
-N AS0_IN_ROUTE
-N AS0_OUT
-N AS0_OUT_LOCAL
-N AS0_OUT_POST
-N AS0_OUT_S2C
-N AS0_U_NEWPFSEN_IN
-N AS0_U_NEWPFSEN_OUT
-N AS0_U_PFSENSE_OUT
-N AS0_U_SAMSUNG_OUT
-N AS0_WEBACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
-A INPUT -i lo -j AS0_ACCEPT
-A INPUT -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
-A INPUT -d "vps ip/32 -p tcp -m state --state NEW -m tcp --dport 915 -j AS0_ACCEPT
-A INPUT -d "vps ip/32 -p tcp -m state --state NEW -m tcp --dport 914 -j AS0_ACCEPT
-A INPUT -d "vps ip/32 -p udp -m state --state NEW -m udp --dport 917 -j AS0_ACCEPT
-A INPUT -d "vps ip/32 -p udp -m state --state NEW -m udp --dport 916 -j AS0_ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j AS0_WEBACCEPT
-A INPUT -d "vps ip/32 -p tcp -m state --state NEW -m tcp --dport 943 -j AS0_WEBACCEPT
-A INPUT -p udp -m udp --dport 1195 -j ACCEPT
-A INPUT -p udp -m udp --dport 1195 -j ACCEPT
-A INPUT -p udp -m udp --dport 1195 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 91 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
-A FORWARD -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
-A FORWARD -o as0t+ -j AS0_OUT_S2C
-A FORWARD -i venet0 -o tun0 -j ACCEPT
-A FORWARD -i tun0 -o venet0 -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i venet0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o as0t+ -j AS0_OUT_LOCAL
-A AS0_ACCEPT -j ACCEPT
-A AS0_IN -d 172.27.224.1/32 -j ACCEPT
-A AS0_IN -s 0.0.0.0/32
-A AS0_IN -s 192.168.10.0/24 -j AS0_U_NEWPFSEN_IN
-A AS0_IN -j AS0_IN_POST
-A AS0_IN_NAT -j MARK --set-xmark 0x8000000/0x8000000
-A AS0_IN_NAT -j ACCEPT
-A AS0_IN_POST -d 10.8.0.0/24 -j ACCEPT
-A AS0_IN_POST -d 192.168.10.0/24 -j ACCEPT
-A AS0_IN_POST -o as0t+ -j AS0_OUT
-A AS0_IN_POST -j DROP
-A AS0_IN_PRE -d 169.254.0.0/16 -j AS0_IN
-A AS0_IN_PRE -d 192.168.0.0/16 -j AS0_IN
-A AS0_IN_PRE -d 172.16.0.0/12 -j AS0_IN
-A AS0_IN_PRE -d 10.0.0.0/8 -j AS0_IN
-A AS0_IN_PRE -j ACCEPT
-A AS0_IN_ROUTE -j MARK --set-xmark 0x4000000/0x4000000
-A AS0_IN_ROUTE -j ACCEPT
-A AS0_OUT -d 0.0.0.0/32
-A AS0_OUT -d 192.168.10.0/24 -j AS0_U_NEWPFSEN_OUT
-A AS0_OUT -j AS0_OUT_POST
-A AS0_OUT_LOCAL -p icmp -m icmp --icmp-type 5 -j DROP
-A AS0_OUT_LOCAL -j ACCEPT
-A AS0_OUT_POST -j DROP
-A AS0_OUT_S2C -s 10.8.0.0/24 -j ACCEPT
-A AS0_OUT_S2C -s 192.168.10.0/24 -j ACCEPT
-A AS0_OUT_S2C -j AS0_OUT
-A AS0_U_NEWPFSEN_IN -d 192.168.10.0/24 -j AS0_IN_ROUTE
-A AS0_U_NEWPFSEN_IN -j AS0_IN_POST
-A AS0_U_NEWPFSEN_OUT -s 10.8.0.0/24 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -s 192.168.10.0/24 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -s 192.168.10.0/24 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -s 172.27.224.0/20 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -j AS0_OUT_POST
-A AS0_U_PFSENSE_OUT -s 172.27.224.0/20 -j ACCEPT
-A AS0_U_SAMSUNG_OUT -s 172.27.224.0/20 -j ACCEPT
-A AS0_WEBACCEPT -j ACCEPT