Vesta Control Panel - Forum

Community Forum

Skip to content

Advanced search
  • Quick links
    • Main site
    • Github repo
    • Google Search
  • FAQ
  • Login
  • Register
  • Board index Main Section General Discussion
  • Search

Firewall Locks Me Out of Site

General questions about VestaCP
Post Reply
  • Print view
Advanced search
1 post • Page 1 of 1
geekplaya
Posts: 9
Joined: Thu Sep 10, 2015 6:29 am

Firewall Locks Me Out of Site
  • Quote

Post by geekplaya » Mon Sep 14, 2015 8:15 pm

Hello,

I have my Firewall rules entered in, most of them are default, but the second I turn on the firewall service, I can't access my websites. I can still access the back-panel though.

Here is my 'iptables -L'

Code: Select all

Chain INPUT (policy DROP)
target     prot opt source               destination         
fail2ban-VESTA  tcp  --  anywhere             anywhere             tcp dpt:8083
fail2ban-MAIL  tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,2525,pop3,pop3s,imap2,imaps
fail2ban-SSH  tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:7777
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:xmpp-client
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:9090
ACCEPT     tcp  --  anywhere             anywhere             multiport dports 8000:8001
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             multiport dports http,https
ACCEPT     tcp  --  anywhere             anywhere             multiport dports ftp,12000:12100
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,2525
ACCEPT     tcp  --  anywhere             anywhere             multiport dports pop3,pop3s
ACCEPT     tcp  --  anywhere             anywhere             multiport dports imap2,imaps
ACCEPT     tcp  --  anywhere             anywhere             multiport dports mysql,postgresql
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8083
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  10.10.10.7           anywhere            
ACCEPT     all  --  localhost            anywhere            
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:ftp-data
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:ftp
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:smtp
ACCEPT     udp  --  anywhere             anywhere             udp spt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:pop3
ACCEPT     udp  --  anywhere             anywhere             udp spt:ntp
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:imap2
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:mysql
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:postgresql
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:http-alt
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:8433
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:8083
ACCEPT     tcp  --  anywhere             anywhere             tcp spts:12000:12100
ACCEPT     tcp  --  anywhere             anywhere             state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain fail2ban-MAIL (1 references)
target     prot opt source               destination         

Chain fail2ban-SSH (1 references)
target     prot opt source               destination         

Chain fail2ban-VESTA (1 references)
target     prot opt source               destination         

Chain fail2ban-ssh (0 references)
target     prot opt source               destination         

Chain ufw-after-forward (0 references)
target     prot opt source               destination         

Chain ufw-after-input (0 references)
target     prot opt source               destination         

Chain ufw-after-logging-forward (0 references)
target     prot opt source               destination         

Chain ufw-after-logging-input (0 references)
target     prot opt source               destination         

Chain ufw-after-logging-output (0 references)
target     prot opt source               destination         

Chain ufw-after-output (0 references)
target     prot opt source               destination         

Chain ufw-before-forward (0 references)
target     prot opt source               destination         

Chain ufw-before-input (0 references)
target     prot opt source               destination         

Chain ufw-before-logging-forward (0 references)
target     prot opt source               destination         

Chain ufw-before-logging-input (0 references)
target     prot opt source               destination         

Chain ufw-before-logging-output (0 references)
target     prot opt source               destination         

Chain ufw-before-output (0 references)
target     prot opt source               destination         

Chain ufw-reject-forward (0 references)
target     prot opt source               destination         

Chain ufw-reject-input (0 references)
target     prot opt source               destination         

Chain ufw-reject-output (0 references)
target     prot opt source               destination         

Chain ufw-track-forward (0 references)
target     prot opt source               destination         

Chain ufw-track-input (0 references)
target     prot opt source               destination         

Chain ufw-track-output (0 references)
target     prot opt source               destination         

Chain vesta (0 references)
target     prot opt source               destination
/usr/local/vesta/data/firewall/ports.conf

Code: Select all

PROTOCOL='TCP' PORT='20'
PROTOCOL='TCP' PORT='21'
PROTOCOL='TCP' PORT='22'
PROTOCOL='TCP' PORT='25'
PROTOCOL='UDP' PORT='53'
PROTOCOL='TCP' PORT='80'
PROTOCOL='TCP' PORT='443'
PROTOCOL='TCP' PORT='110'
PROTOCOL='UDP' PORT='123'
PROTOCOL='TCP' PORT='143'
PROTOCOL='TCP' PORT='3306'
PROTOCOL='TCP' PORT='5432'
PROTOCOL='TCP' PORT='8080'
PROTOCOL='TCP' PORT='8433'
PROTOCOL='TCP' PORT='8083'
PROTOCOL='TCP' PORT='12000:12100'
/usr/local/vesta/data/firewall/rules.conf

Code: Select all

RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='19:14:16' DATE='2015-09-14'
RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8000-8001' IP='0.0.0.0/0' COMMENT='Shoutcast' SUSPENDED='no' TIME='05:27:47' DATE='2015-09-10'
RULE='12' ACTION='ACCEPT' PROTOCOL='TCP' PORT='9090' IP='0.0.0.0/0' COMMENT='' SUSPENDED='no' TIME='18:11:37' DATE='2015-09-10'
RULE='13' ACTION='ACCEPT' PROTOCOL='TCP' PORT='5222' IP='0.0.0.0/0' COMMENT='' SUSPENDED='no' TIME='18:23:31' DATE='2015-09-10'
RULE='14' ACTION='ACCEPT' PROTOCOL='TCP' PORT='7777' IP='0.0.0.0/0' COMMENT='' SUSPENDED='no' TIME='18:23:36' DATE='2015-09-10'
Top
Post Reply
  • Print view
1 post • Page 1 of 1

Return to “General Discussion”



  • Board index
  • All times are UTC
  • Delete all board cookies
  • The team
Powered by phpBB® Forum Software © phpBB Limited
*Original Author: Brad Veryard
*Updated to 3.2 by MannixMD
 

 

Login  •  Register

I forgot my password