Page 1 of 1

Iptables not load / not save

Posted: 2018/05/04 12:43:20
by Shetu
Hello
I have a vps openvz centos 6.9. My vps provider restart vps. After that My custom iptables rules not loading from this file (/etc/sysconfig/iptables). I run iptables -S and see only default rules of vps.

Code: Select all

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N AS0_ACCEPT
-N AS0_IN
-N AS0_IN_NAT
-N AS0_IN_POST
-N AS0_IN_PRE
-N AS0_IN_ROUTE
-N AS0_OUT
-N AS0_OUT_LOCAL
-N AS0_OUT_POST
-N AS0_OUT_S2C
-N AS0_U_NEWPFSEN_IN
-N AS0_U_NEWPFSEN_OUT
-N AS0_U_PFSENSE_OUT
-N AS0_U_SAMSUNG_OUT
-N AS0_WEBACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
-A INPUT -i lo -j AS0_ACCEPT
-A INPUT -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
-A INPUT -d "vps ip/32 -p tcp -m state --state NEW -m tcp --dport 915 -j AS0_ACCEPT
-A INPUT -d "vps ip/32 -p tcp -m state --state NEW -m tcp --dport 914 -j AS0_ACCEPT
-A INPUT -d "vps ip/32 -p udp -m state --state NEW -m udp --dport 917 -j AS0_ACCEPT
-A INPUT -d "vps ip/32 -p udp -m state --state NEW -m udp --dport 916 -j AS0_ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j AS0_WEBACCEPT
-A INPUT -d "vps ip/32 -p tcp -m state --state NEW -m tcp --dport 943 -j AS0_WEBACCEPT
-A INPUT -p udp -m udp --dport 1195 -j ACCEPT
-A INPUT -p udp -m udp --dport 1195 -j ACCEPT
-A INPUT -p udp -m udp --dport 1195 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 91 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j AS0_ACCEPT
-A FORWARD -m mark --mark 0x2000000/0x2000000 -j AS0_IN_PRE
-A FORWARD -o as0t+ -j AS0_OUT_S2C
-A FORWARD -i venet0 -o tun0 -j ACCEPT
-A FORWARD -i tun0 -o venet0 -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i venet0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o as0t+ -j AS0_OUT_LOCAL
-A AS0_ACCEPT -j ACCEPT
-A AS0_IN -d 172.27.224.1/32 -j ACCEPT
-A AS0_IN -s 0.0.0.0/32
-A AS0_IN -s 192.168.10.0/24 -j AS0_U_NEWPFSEN_IN
-A AS0_IN -j AS0_IN_POST
-A AS0_IN_NAT -j MARK --set-xmark 0x8000000/0x8000000
-A AS0_IN_NAT -j ACCEPT
-A AS0_IN_POST -d 10.8.0.0/24 -j ACCEPT
-A AS0_IN_POST -d 192.168.10.0/24 -j ACCEPT
-A AS0_IN_POST -o as0t+ -j AS0_OUT
-A AS0_IN_POST -j DROP
-A AS0_IN_PRE -d 169.254.0.0/16 -j AS0_IN
-A AS0_IN_PRE -d 192.168.0.0/16 -j AS0_IN
-A AS0_IN_PRE -d 172.16.0.0/12 -j AS0_IN
-A AS0_IN_PRE -d 10.0.0.0/8 -j AS0_IN
-A AS0_IN_PRE -j ACCEPT
-A AS0_IN_ROUTE -j MARK --set-xmark 0x4000000/0x4000000
-A AS0_IN_ROUTE -j ACCEPT
-A AS0_OUT -d 0.0.0.0/32
-A AS0_OUT -d 192.168.10.0/24 -j AS0_U_NEWPFSEN_OUT
-A AS0_OUT -j AS0_OUT_POST
-A AS0_OUT_LOCAL -p icmp -m icmp --icmp-type 5 -j DROP
-A AS0_OUT_LOCAL -j ACCEPT
-A AS0_OUT_POST -j DROP
-A AS0_OUT_S2C -s 10.8.0.0/24 -j ACCEPT
-A AS0_OUT_S2C -s 192.168.10.0/24 -j ACCEPT
-A AS0_OUT_S2C -j AS0_OUT
-A AS0_U_NEWPFSEN_IN -d 192.168.10.0/24 -j AS0_IN_ROUTE
-A AS0_U_NEWPFSEN_IN -j AS0_IN_POST
-A AS0_U_NEWPFSEN_OUT -s 10.8.0.0/24 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -s 192.168.10.0/24 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -s 192.168.10.0/24 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -s 172.27.224.0/20 -j ACCEPT
-A AS0_U_NEWPFSEN_OUT -j AS0_OUT_POST
-A AS0_U_PFSENSE_OUT -s 172.27.224.0/20 -j ACCEPT
-A AS0_U_SAMSUNG_OUT -s 172.27.224.0/20 -j ACCEPT
-A AS0_WEBACCEPT -j ACCEPT

Re: Iptables not load / not save

Posted: 2018/05/04 14:58:56
by TrevorH
You need to talk to your provider as we do not support openvz systems. They are not CentOS and differ in many ways that are unknown here so we are unable to help.

Re: Iptables not load / not save

Posted: 2018/05/05 05:07:46
by Shetu
Ok. Thank you.