Restart firewall got hangs

Support for security such as Firewalls and securing linux
Post Reply
qzaqza15
Posts: 4
Joined: 2017/08/09 07:42:00

Restart firewall got hangs

Post by qzaqza15 » 2017/09/14 10:28:40

The flow is as stated below:

After I run the command:

Code: Select all

service iptables restart
The is what it prompt and we can see that flush firewall rules and unloading modules works fine except the last step which is applying firewall rules.

Code: Select all

iptables: Setting chains to policy ACCEPT: nat filter      [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         
It keep on hanging for more than one hour and I don't know should I force close it or not. Anyone could give me some advice on how to exit this in proper way or what may be the cause of it?

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Restart firewall got hangs

Post by TrevorH » 2017/09/14 10:53:56

If you did that via an ssh session then try starting a new ssh session, login and check the state of your rules now. When you restart iptables like that it can interrupt existing connections and one of those would be your ssh connection.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

qzaqza15
Posts: 4
Joined: 2017/08/09 07:42:00

Re: Restart firewall got hangs

Post by qzaqza15 » 2017/09/14 10:59:52

Thanks for reply
check the state of your rules
I have start a new ssh session but I not sure how to check the state of firewall rules.

This is the command I use to check the state of firewall

Code: Select all

iptables -L -n 
And it display firewall rules so it should means the firewall is working.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Restart firewall got hangs

Post by TrevorH » 2017/09/14 14:53:10

iptables-save should show them all.

You can't really restart iptables from an ssh connected session as it always has the possibility of stopping the session you're running in. If you want to amend the rules then use the iptables command itself to -A append or -I insert new rules in the correct places.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

qzaqza15
Posts: 4
Joined: 2017/08/09 07:42:00

Re: Restart firewall got hangs

Post by qzaqza15 » 2017/09/15 09:29:42

Okay, thanks for your help.

Post Reply