We are starting CHRISTMAS Sale. Get 30% OFF on lifetime licenses with code: FYSKK72

iptables "stoped" on vestacp panel

General questions about VestaCP
coreXL
Posts: 22
Joined: Fri Mar 24, 2017 1:32 am

iptables "stoped" on vestacp panel

Postby coreXL » Fri Mar 24, 2017 1:39 am

Hello, something is not right in my vestacp, I installed and everything is working normally without any problem, since I am monitoring the server and I realized that the IPTables service is stopped in the panel of vestacp.

Check image:
Image

Try running the command on my server:

Code: Select all

service iptables status

Image

Other command:

Code: Select all

service iptables restart

Image

Then I do not understand why in the vestacp panel it comes out as if I was stopped.
Some help?

Thanks!

lunameticcia
Posts: 1
Joined: Sun Mar 26, 2017 9:09 pm

Re: iptables "stoped" on vestacp panel

Postby lunameticcia » Sun Mar 26, 2017 9:14 pm

Uhmmm... I've noticed a strange behaviour using vnc. Stopping the "already" stopped iptables from vesta, I can connect with a vnc client on port 5901. Restarting iptables, from vesta and linux service command their state seems "stopped", but I can't connect with vnc... Adding rule for port 5901, I can connect.
I think iptables are running but vesta doesn't detect this. Maybe I'm in error...
Excuse my poor english, greetings from Italy.

Mark O Polo
Posts: 5
Joined: Wed Mar 29, 2017 7:15 pm

Re: iptables "stoped" on vestacp panel

Postby Mark O Polo » Wed Mar 29, 2017 7:24 pm

My iptables have always shown as "stopped" in the vesta server services. A quick check however with Nmap shows the firewall is active and appears to be working fine. Changes I make and save with the firewall options are correctly being implemented even though service is listed as "stopped". From what i can gather it is really running...

My install is on a Debian 8 config. Vesta Release 0.9.8-17

Probably needs to have a "bug" fix request made.

Mark O Polo
Posts: 5
Joined: Wed Mar 29, 2017 7:15 pm

Re: iptables "stoped" on vestacp panel

Postby Mark O Polo » Wed Apr 12, 2017 5:51 pm

I need to clarify my last post, looking closer my iptables is running as the options listed are "configure, stop, or restart". This does imply it is running (otherwise the start option would theoretically be available).

However in my case the Uptime always stays at 0 minutes which gives the appearance of it not working/stopped.

Does anyone have any suggestions how to start the "Uptime ticker".

Deb 8
Release 0.9.8-17

I can start a new thread if that is more appropriate as well...

pdomain
Posts: 3
Joined: Sat Jul 29, 2017 6:39 pm

Re: iptables "stoped" on vestacp panel

Postby pdomain » Sun Aug 13, 2017 5:29 pm

Similar is case with me on a VPS.

Below is the result of command

Code: Select all

iptables -L -n


Result
Chain INPUT (policy DROP)
target prot opt source destination
fail2ban-VESTA tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8083
fail2ban-MAIL tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,2525,110,995,143,993
fail2ban-SSH tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 84.201.37.57 0.0.0.0/0
ACCEPT all -- 127.0.0.1 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 20,21,12000:12100
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,2525
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 143,993
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 3306,5432
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8083
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain fail2ban-MAIL (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain fail2ban-SSH (1 references)
target prot opt source destination
REJECT all -- 116.31.116.45 0.0.0.0/0 reject-with icmp-port-unreachable
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain fail2ban-VESTA (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain vesta (0 references)
target prot opt source destination


However Dashboard is blank with 0 Rules & 0 minutes uptime
Image
Image

I have tried all commands below

Code: Select all

v-stop-service iptables
v-start-service iptables
/usr/local/vesta/bin/v-start-service iptables
service iptables stop
service iptables start
service iptables restart


I have also recreated the below files :
/usr/local/vesta/data/firewall/rules.conf
/usr/local/vesta/data/firewall/ports.conf

But sitaution is same.

However on my other VPS with VestaCP all rules are showing in Dashboad.

Thanks in advance to any one who can helps.

Mark O Polo
Posts: 5
Joined: Wed Mar 29, 2017 7:15 pm

Re: iptables "stoped" on vestacp panel

Postby Mark O Polo » Fri Aug 18, 2017 2:20 pm

Just to further document..

My VestaCP is still displaying all rules in the Firewall Dashboard. I can also do all firewall configuration from the dash which seems to be working great. Just the iptables issue (no uptime minutes displayed) persists in the server dash.

@pdomain, did you do anything different between your two VPS machines or config setups. Debian 8 on both?

Do you have the same issue as mine on both, plus the firewall rules missing just on 1 out of 2?


Return to “General Discussion”



Who is online

Users browsing this forum: No registered users and 11 guests

cron