Changed IP's now firewall blocks all outgoing connections

Posted: Tue Aug 25, 2020 2:57 am
by Izinyokanyoka
Hi all,

I recently changed the IP address of my server. (CentOS)

I have been searching for days, but am unable to figure out why this is happening.

Everything works, except now if I start iptables, I cannot connect to anything.

Here is my iptables config: (x.x.x.x = my server IP)

# Generated by iptables-save v1.4.21 on Tue Aug 25 03:47:16 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Tue Aug 25 03:47:16 2020
# Generated by iptables-save v1.4.21 on Tue Aug 25 03:47:16 2020
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:fail2ban-FTP - [0:0]
:fail2ban-MAIL - [0:0]
:fail2ban-SSH - [0:0]
:fail2ban-VESTA - [0:0]
:vesta - [0:0]
-A INPUT -p tcp -m multiport --dports 25,465,587,2525,110,995,143,993 -j fail2ban-MAIL
-A INPUT -p tcp -m tcp --dport 8083 -j fail2ban-VESTA
-A INPUT -p tcp -m tcp --dport 21 -j fail2ban-FTP
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A INPUT -s x.x.x.x/32 -j ACCEPT
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22,4915 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 21,12000:12100 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 25,465,587,2525 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 110,995 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 143,993 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3306,5432 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8083 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A fail2ban-FTP -j RETURN
-A fail2ban-MAIL -j RETURN
-A fail2ban-SSH -j RETURN
-A fail2ban-VESTA -j RETURN
COMMIT
# Completed on Tue Aug 25 03:47:16 2020

Does anyone know what might be causing this?

Re: Changed IP's now firewall blocks all outgoing connections

Posted: Tue Aug 25, 2020 4:05 am
by Izinyokanyoka
I managed to solve this by doing the following:

cd /usr/local/vesta/data/firewall
nano custom.sh

iptables -I OUTPUT -o eth0 -d 0.0.0.0/0 -j ACCEPT
iptables -I INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
chmod +x /usr/local/vesta/data/firewall/custom.sh

and restarting iptables.

I still have no idea why all outgoing connections were blocked after changing the IP address. If anyone has any idea, please let me know.
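
Added example, not part of the original posts: in the posted ruleset the INPUT policy is DROP and every ACCEPT rule matches on a destination port, a source address or ICMP, so TCP/UDP replies to connections the server opens itself (which arrive on ephemeral ports) match nothing; the ESTABLISHED,RELATED rule from the second post is what admits them. The Python sketch below checks an `iptables-save` dump for that gap. The function names and the trimmed sample dump are constructed for illustration, and interface or address restrictions on a matching rule are not evaluated.

```python
import shlex

# Constructed sample: trimmed from the ruleset posted above.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 127.0.0.1/32 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
COMMIT
"""
# The same dump with the INPUT rule from the second post inserted first.
FIXED = SAMPLE.replace(
    "-A INPUT -s",
    "-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT\n-A INPUT -s", 1)

def parse_filter(dump):
    """Return (policies, rules) for the *filter table of an iptables-save dump."""
    policies, rules, table = {}, [], None
    for line in map(str.strip, dump.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif table == "filter" and line.startswith("-A "):
            rules.append(shlex.split(line))
    return policies, rules

def accepts_replies(rule):
    """True for an INPUT ACCEPT rule that matches ESTABLISHED state (or everything)."""
    if rule[1] != "INPUT" or rule[-2:] != ["-j", "ACCEPT"]:
        return False
    for flag in ("--state", "--ctstate"):   # -m state / -m conntrack
        if flag in rule:
            i = rule.index(flag)
            return rule[i - 1] != "!" and "ESTABLISHED" in rule[i + 1].split(",")
    return len(rule) == 4                   # bare "-A INPUT -j ACCEPT"

def replies_dropped(dump):
    """True when INPUT policy is DROP and no rule admits reply packets."""
    policies, rules = parse_filter(dump)
    return policies.get("INPUT") == "DROP" and not any(map(accepts_replies, rules))

if __name__ == "__main__":
    print("posted ruleset drops replies:", replies_dropped(SAMPLE))
    print("with state rule drops replies:", replies_dropped(FIXED))
```

Because the OUTPUT policy in the posted dump is already ACCEPT, the check only looks at the INPUT chain.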