restarting iptables killed all my services

Post by suff » 2017/09/22 11:11:36

Hi, I am running a CentOS 6.6 server with DirectAdmin and I was trying to open 3306 to be able to reach the MySQL database from outside.

So this is what happened:

- made a copy of /etc/sysconfig/iptables
- added a line to existing /etc/sysconfig/iptables
- /etc/init.d/iptables restart
and this didn't help, so I have done some research and
- run system-config-firewall-tui and decided that this is not what I wanted, but I am pretty sure that I have cancelled all changes
At this moment I have realized that all services are down; the server is not responding on any port.

So I have replaced /etc/sysconfig/iptables with the original one and run /etc/init.d/iptables restart.

Nothing helps - this is what I get when I start iptables:

Opening /proc/modules: No such file or directory
iptables: Setting chains to policy ACCEPT: raw nat mangle f[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
Opening /proc/modules: No such file or directory
grep: /proc/modules: No such file or directory
[ OK ]
iptables: Applying firewall rules: [ OK ]

The server only runs when I stop iptables.

What have I done wrong?
What can I do to fix this?

Re: restarting iptables killed all my services

Post by TrevorH » 2017/09/22 11:33:32

I think you need to talk to your hoster. We don't support any systems with a panel like DirectAdmin installed, as they replace so many things in the o/s with their own copies that any advice we might give might end up breaking your system more than it already is.

However, based on "grep: /proc/modules: No such file or directory", I suspect that not only has your system got DA on it, but it's also not using a CentOS supplied kernel as /proc/modules will always exist on a CentOS kernel. For it not to exist means you're running a kernel where module loading is turned off entirely.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

Re: restarting iptables killed all my services

Post by Whoever » 2017/09/23 05:23:53

suff wrote: Hi, I am running a CentOS 6.6 server with DirectAdmin and I was trying to open 3306 to be able to reach the MySQL database from outside.

This may not be such a good idea, unless you can ensure that access is only allowed to a known safe source. If you have control of both ends, you may want to look at accessing the database over a VPN.

As for what is going on, I am going to take a wild guess and suggest that some of the rules are not loading, because you can't load the appropriate modules, and the only rules that do get loaded block access to the server.
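
As an added example, not code from any poster in this thread: a small shell lint for an iptables-save format rules file such as /etc/sysconfig/iptables. It checks the point Whoever raises (the port should be accepted only from a known source) and that the ACCEPT line sits before any catch-all REJECT or DROP, since rules are evaluated in order. The function name, the sample rules and the address 203.0.113.10 are constructed for illustration.

```shell
# Added example (not from the thread): lint iptables-save style rules, as
# found in /etc/sysconfig/iptables, for how a TCP port is exposed.
# Usage: lint_port_rule [PORT] < rules-file      (PORT defaults to 3306)
# Simplification: only single-port "--dport N" matches on INPUT are recognised.
lint_port_rule() {
    awk -v port="${1:-3306}" '
    $1 == "-A" && $2 == "INPUT" {
        # A rule with no matchers that rejects/drops ends the usable chain.
        if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) {
            if (!blocked) blocked = NR
            next
        }
        src = ""; hit = 0; accept = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-s" || $i == "--source") src = $(i + 1)
            if ($i == "--dport" && $(i + 1) == port) hit = 1
            if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
        }
        if (!hit || !accept) next
        found = 1
        if (blocked)
            printf "UNREACHABLE line %d: after catch-all on line %d\n", NR, blocked
        else if (src == "" || src == "0.0.0.0/0")
            printf "OPEN_TO_ANY line %d: no source restriction\n", NR
        else
            printf "OK line %d: limited to %s\n", NR, src
    }
    END { if (!found) print "NO_RULE: port " port " is not accepted on INPUT" }
    '
}

# Constructed sample: the new line was appended after the final REJECT.
SAMPLE_APPENDED='*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
COMMIT'

# Constructed sample: rule before the REJECT, limited to one documentation address.
SAMPLE_RESTRICTED='*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s 203.0.113.10/32 -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'
printf '%s\n' "$SAMPLE_APPENDED" | lint_port_rule 3306
printf '%s\n' "$SAMPLE_RESTRICTED" | lint_port_rule 3306
```

Line numbers in the findings refer to lines of the rules file read on standard input.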