Changed IP's now firewall blocks all outgoing connections
- Posts: 2
- Joined: Tue Aug 25, 2020 2:39 am
- Os: CentOS 6x
- Web: apache + nginx
Hi all,
I recently changed the IP address of my server. (CentOS)
I have been searching for days, but am unable to figure out why this is happening.
Everything works, except now if I start iptables, I cannot connect to anything.
Does anyone know what might be causing this?
Here is my iptables config: (x.x.x.x = my server IP)
# Generated by iptables-save v1.4.21 on Tue Aug 25 03:47:16 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Tue Aug 25 03:47:16 2020
# Generated by iptables-save v1.4.21 on Tue Aug 25 03:47:16 2020
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:fail2ban-FTP - [0:0]
:fail2ban-MAIL - [0:0]
:fail2ban-SSH - [0:0]
:fail2ban-VESTA - [0:0]
:vesta - [0:0]
-A INPUT -p tcp -m multiport --dports 25,465,587,2525,110,995,143,993 -j fail2ban-MAIL
-A INPUT -p tcp -m tcp --dport 8083 -j fail2ban-VESTA
-A INPUT -p tcp -m tcp --dport 21 -j fail2ban-FTP
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A INPUT -s x.x.x.x/32 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22,4915 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 21,12000:12100 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 25,465,587,2525 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 110,995 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 143,993 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3306,5432 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8083 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A fail2ban-FTP -j RETURN
-A fail2ban-MAIL -j RETURN
-A fail2ban-SSH -j RETURN
-A fail2ban-VESTA -j RETURN
COMMIT
# Completed on Tue Aug 25 03:47:16 2020
- Posts: 2
- Joined: Tue Aug 25, 2020 2:39 am
- Os: CentOS 6x
- Web: apache + nginx
Re: Changed IP's now firewall blocks all outgoing connections
I managed to solve this by doing the following:
cd /usr/local/vesta/data/firewall
nano custom.sh
iptables -I OUTPUT -o eth0 -d 0.0.0.0/0 -j ACCEPT
iptables -I INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
chmod +x /usr/local/vesta/data/firewall/custom.sh
and restarting iptables.
I still have no idea why all outgoing connections were blocked after changing the IP address. If anyone has any idea, please let me know.
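An added example, not part of either post: a check over iptables-save output for the condition visible in the dump in the first post, an INPUT chain with policy DROP and no rule accepting ESTABLISHED,RELATED traffic, which drops the replies to connections the server itself opens even though OUTPUT is ACCEPT. The function names and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# check_return_traffic: reads iptables-save output on stdin.
#   exit 0  replies to outbound connections are accepted by INPUT
#   exit 1  INPUT defaults to DROP/REJECT and has no stateful ACCEPT rule
#   exit 2  no filter table / INPUT policy line found in the input
# Heuristic (assumption): only rules attached directly to INPUT are inspected,
# not rules in user chains that INPUT jumps to.
check_return_traffic() {
    awk '
        /^\*/ { table = substr($0, 2) }        # "*filter", "*nat", ...
        table != "filter" { next }
        /^:INPUT / { policy = $2 }             # ":INPUT DROP [0:0]"
        # state or conntrack match that accepts ESTABLISHED packets
        /^-A INPUT / && /-j ACCEPT/ &&
        /(--state|--ctstate) [A-Z,]*ESTABLISHED/ { stateful = 1 }
        END {
            if (policy == "") exit 2
            if (policy == "ACCEPT" || stateful) exit 0
            exit 1
        }
    '
}

# Constructed sample with the shape of the posted dump: INPUT DROP, port rules only.
sample_broken() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
EOF
}

# Same ruleset with a stateful ACCEPT rule added before COMMIT (constructed).
sample_fixed() {
    sample_broken | awk '/^COMMIT$/ {
        print "-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT" }
        { print }'
}

for s in sample_broken sample_fixed; do
    if "$s" | check_return_traffic; then echo "$s: replies accepted"
    else echo "$s: INPUT drops replies to outbound connections"; fi
done
```

On a live host the same function can be fed with `iptables-save | check_return_traffic`.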