restarting iptables killed all my services

suff
Posts: 1
Joined: 2017/09/22 11:00:23

restarting iptables killed all my services

Post by suff » 2017/09/22 11:11:36

Hi, I am running CentOS 6.6 server with DirectAdmin and I was trying to open 3306 to be able to reach mysql database from outside.

So this is what happened:

- made a copy of /etc/sysconfig/iptables
- added a line to existing /etc/sysconfig/iptables
- /etc/init.d/iptables restart
and this didn't help, so I did some research and
- ran system-config-firewall-tui and decided that this is not what I wanted, but I am pretty sure that I cancelled all changes
At this moment I realized that all services are down; the server is not responding on any port

so I have replaced /etc/sysconfig/iptables with the original one and run /etc/init.d/iptables restart

nothing helps - this is what I get when I start iptables:

Opening /proc/modules: No such file or directory
iptables: Setting chains to policy ACCEPT: raw nat mangle f[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
[ OK ]
iptables: Applying firewall rules: [ OK ]

the server only runs when I stop iptables

What have I done wrong?
What can I do to fix this?

TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: restarting iptables killed all my services

Post by TrevorH » 2017/09/22 11:33:32

I think you need to talk to your hoster. We don't support any systems with a panel like DirectAdmin installed, as they replace so many things in the o/s with their own copies that any advice we might give might end up breaking your system more than it already is.

However, based on "grep: /proc/modules: No such file or directory", I suspect that not only has your system got DA on it, but it's also not using a CentOS supplied kernel as /proc/modules will always exist on a CentOS kernel. For it not to exist means you're running a kernel where module loading is turned off entirely.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Whoever
Posts: 1357
Joined: 2013/09/06 03:12:10

Re: restarting iptables killed all my services

Post by Whoever » 2017/09/23 05:23:53

suff wrote: Hi, I am running CentOS 6.6 server with DirectAdmin and I was trying to open 3306 to be able to reach mysql database from outside.

This may not be such a good idea, unless you can ensure that access is only allowed to a known safe source. If you have control of both ends, you may want to look at accessing the database over a VPN.

As for what is going on, I am going to take a wild guess and suggest that some of the rules are not loading, because you can't load the appropriate modules, and the only rules that do get loaded block access to the server.
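
A check for the point about limiting 3306 to a known source, as an added example that is not part of the original thread: it reads an iptables-save style rules file such as /etc/sysconfig/iptables and reports whether each INPUT rule accepting TCP 3306 is limited by source address. The function names, the sample rules and the address 192.0.2.10 are constructed for illustration.

```shell
#!/bin/sh
# Added example. Writes a constructed CentOS 6 style rules file to the path in $1.
write_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Prints "OPEN <line>" or "RESTRICTED <line> <source>" for every INPUT rule that
# ACCEPTs destination port 3306. Rules without --dport/--dports are not examined.
audit_mysql_rules() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        port = ""; src = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "--dport" || $i == "--dports") { port = $(i + 1) }
            if ($i == "-j") { target = $(i + 1) }
            # A negated source ("! -s addr") matches everyone else, so it is not a limit.
            if ($i == "-s" || $i == "--source") {
                src = ($(i - 1) == "!" || $(i + 1) == "!") ? "" : $(i + 1)
            }
        }
        if (target != "ACCEPT") next
        hit = 0; n = split(port, p, ",")
        for (k = 1; k <= n; k++) {
            m = split(p[k], r, ":")    # multiport range such as 3000:4000
            if (m == 2 ? (r[1] + 0 <= 3306 && 3306 <= r[2] + 0) : p[k] == "3306") hit = 1
        }
        if (!hit) next
        if (src == "" || src == "0.0.0.0/0") print "OPEN", NR
        else print "RESTRICTED", NR, src
    }' "$1"
}

# Stand-alone run against the constructed sample.
tmp=$(mktemp) && write_sample_rules "$tmp" && audit_mysql_rules "$tmp"; rm -f "$tmp"
```

On a live system the same function can be pointed at a saved copy of the rules file before the firewall is restarted.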
