Firewall blocks services after first reboot on a clean installation
Firewall blocks services after first reboot on a clean installation
I've installed the last vestacp release on a clean minimal Centos 7 installation with this config
After restart, firewall blocks all services access with this rule:
I've tried several installations with same result.
Is it an issue of the new release?
Code: Select all
bash vst-install.sh --nginx yes --apache yes --phpfpm no --named yes --remi yes --vsftpd no --proftpd no --iptables yes --fail2ban yes --quota no --exim yes --dovecot no --spamassassin no --clamav no --softaculous no --mysql yes --postgresql no --hostname host --email email@host --password xxxxx
Code: Select all
[Chain INPUT (policy ACCEPT 0 packets, 0 bytes)]
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Is it an issue of the new release?
Re: Firewall blocks services after first reboot on a clean installation
What is the output of the following command?
Code: Select all
v-list-firewall
Re: Firewall blocks services after first reboot on a clean installation
I have the same exact issue. Installed vestacp on a fresh centos 7.5Felix wrote: ↑Wed Jul 04, 2018 5:30 amWhat is the output of the following command?Code: Select all
v-list-firewall
If you reboot the server, all services stop working. (only ping works) unless you login to the console and stop firewalld service
I have taken screenshots for "v-list-firewall" and "iptables -L" commands (no attachment option here)
![Image](https://image.ibb.co/eO4w9y/Capture.png)
![Image](https://preview.ibb.co/f5VEwd/iptables_1.png)
![Image](https://preview.ibb.co/bYOOpy/iptables_2.png)
![Image](https://preview.ibb.co/g50gbd/iptables_3.png)
Re: Firewall blocks services after first reboot on a clean installation
Similar output like the one reported by @geekFelix wrote: ↑Wed Jul 04, 2018 5:30 amWhat is the output of the following command?Code: Select all
v-list-firewall
Re: Firewall blocks services after first reboot on a clean installation
In fact, services are up, BUT the firewall blocks ALL input connections due the REJECT ALL rule FROM 0.0.0.0/0 in the CHAIN INPUTgeek wrote: ↑Wed Jul 04, 2018 5:54 amI have the same exact issue. Installed vestacp on a fresh centos 7.5Felix wrote: ↑Wed Jul 04, 2018 5:30 amWhat is the output of the following command?Code: Select all
v-list-firewall
If you reboot the server, all services stop working. (only ping works) unless you login to the console and stop firewalld service
I have taken screenshots for "v-list-firewall" and "iptables -L" commands (no attachment option here)
Re: Firewall blocks services after first reboot on a clean installation
I understand the services are infact up, but why does it add drop all rule on reboot?
Re: Firewall blocks services after first reboot on a clean installation
Fix will be soon.
Try to restart iptables
Try to restart iptables
Code: Select all
service iptables restart
Re: Firewall blocks services after first reboot on a clean installation
well.. the point is that if it's an online server that you can only access over ssh... there is no option to restart iptables after that reboot :)imperio wrote: ↑Thu Jul 05, 2018 2:11 pmFix will be soon.
Try to restart iptablesCode: Select all
service iptables restart
Anyway, I added it as issue on github too yesterday.
Last edited by pabbae on Thu Jul 05, 2018 2:25 pm, edited 1 time in total.