
iptables

Posted: Sun Jul 15, 2018 3:16 pm
by Sergy F
Домен в Зоне .РФ
Поддержка Lets Encrypt
Сайт не видится.....
думаю не пускает iptables.
Помогите пожалуйста разобраться...


[root@k ~]# systemctl status iptables
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: active (exited) since Вс 2018-07-15 17:13:52 MSK; 1h 5min ago
  Process: 2361 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=1/FAILURE)
  Process: 2468 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
 Main PID: 2468 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/iptables.service

июл 15 17:13:52 k.78city.ru systemd[1]: Starting IPv4 firewall with iptables...
июл 15 17:13:52 k.78city.ru iptables.init[2468]: iptables: Applying firewall rules: [  OK  ]
июл 15 17:13:52 k.78city.ru systemd[1]: Started IPv4 firewall with iptables.


[root@k ~]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
fail2ban-VESTA  tcp  --  anywhere             anywhere             tcp dpt:us-srv
fail2ban-MAIL  tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,ms-v-worlds,pop3,pop3s,imap,imaps
fail2ban-FTP  tcp  --  anywhere             anywhere             tcp dpt:ftp
fail2ban-SSH  tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  k.78city.ru          anywhere
ACCEPT     all  --  k                    anywhere
ACCEPT     all  --  localhost            anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             multiport dports http,https
ACCEPT     tcp  --  anywhere             anywhere             multiport dports ftp,entextxid:12100
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,ms-v-worlds
ACCEPT     tcp  --  anywhere             anywhere             multiport dports pop3,pop3s
ACCEPT     tcp  --  anywhere             anywhere             multiport dports imap,imaps
ACCEPT     tcp  --  anywhere             anywhere             multiport dports mysql,postgres
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:us-srv
ACCEPT     icmp --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
FORWARD_direct  all  --  anywhere             anywhere
FORWARD_IN_ZONES_SOURCE  all  --  anywhere             anywhere
FORWARD_IN_ZONES  all  --  anywhere             anywhere
FORWARD_OUT_ZONES_SOURCE  all  --  anywhere             anywhere
FORWARD_OUT_ZONES  all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere             ctstate INVALID
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
OUTPUT_direct  all  --  anywhere             anywhere

Chain FORWARD_IN_ZONES (1 references)
target     prot opt source               destination
FWDI_public  all  --  anywhere             anywhere            [goto]
FWDI_public  all  --  anywhere             anywhere            [goto]
FWDI_public  all  --  anywhere             anywhere            [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
target     prot opt source               destination

Chain FORWARD_OUT_ZONES (1 references)
target     prot opt source               destination
FWDO_public  all  --  anywhere             anywhere            [goto]
FWDO_public  all  --  anywhere             anywhere            [goto]
FWDO_public  all  --  anywhere             anywhere            [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target     prot opt source               destination

Chain FORWARD_direct (1 references)
target     prot opt source               destination

Chain FWDI_public (3 references)
target     prot opt source               destination
FWDI_public_log  all  --  anywhere             anywhere
FWDI_public_deny  all  --  anywhere             anywhere
FWDI_public_allow  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere

Chain FWDI_public_allow (1 references)
target     prot opt source               destination

Chain FWDI_public_deny (1 references)
target     prot opt source               destination

Chain FWDI_public_log (1 references)
target     prot opt source               destination

Chain FWDO_public (3 references)
target     prot opt source               destination
FWDO_public_log  all  --  anywhere             anywhere
FWDO_public_deny  all  --  anywhere             anywhere
FWDO_public_allow  all  --  anywhere             anywhere

Chain FWDO_public_allow (1 references)
target     prot opt source               destination

Chain FWDO_public_deny (1 references)
target     prot opt source               destination

Chain FWDO_public_log (1 references)
target     prot opt source               destination

Chain INPUT_ZONES (0 references)
target     prot opt source               destination
IN_public  all  --  anywhere             anywhere            [goto]
IN_public  all  --  anywhere             anywhere            [goto]
IN_public  all  --  anywhere             anywhere            [goto]

Chain INPUT_ZONES_SOURCE (0 references)
target     prot opt source               destination

Chain INPUT_direct (0 references)
target     prot opt source               destination

Chain IN_public (3 references)
target     prot opt source               destination
IN_public_log  all  --  anywhere             anywhere
IN_public_deny  all  --  anywhere             anywhere
IN_public_allow  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere

Chain IN_public_allow (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW

Chain IN_public_deny (1 references)
target     prot opt source               destination

Chain IN_public_log (1 references)
target     prot opt source               destination

Chain OUTPUT_direct (1 references)
target     prot opt source               destination

Chain fail2ban-FTP (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-MAIL (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-SSH (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-VESTA (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain vesta (0 references)
target     prot opt source               destination
Не открывает тоже (


[root@k ~]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
мб ДНС какие на .РФ дописать ?
Яндекс ДНС

Re: iptables

Posted: Sun Jul 15, 2018 6:32 pm
by imperio
А если остановить iptables, сайт открывается?


service iptables stop

Re: iptables

Posted: Tue Jul 31, 2018 9:45 pm
by Support_Webastik
Sergy F wrote:
Sun Jul 15, 2018 3:16 pm
Домен в Зоне .РФ
Поддержка Lets Encrypt
Сайт не видится.....
думаю не пускает iptables.
Помогите пожалуйста разобраться...


[root@k ~]# systemctl status iptables
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: active (exited) since Вс 2018-07-15 17:13:52 MSK; 1h 5min ago
  Process: 2361 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=1/FAILURE)
  Process: 2468 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
 Main PID: 2468 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/iptables.service

июл 15 17:13:52 k.78city.ru systemd[1]: Starting IPv4 firewall with iptables...
июл 15 17:13:52 k.78city.ru iptables.init[2468]: iptables: Applying firewall rules: [  OK  ]
июл 15 17:13:52 k.78city.ru systemd[1]: Started IPv4 firewall with iptables.


[root@k ~]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
fail2ban-VESTA  tcp  --  anywhere             anywhere             tcp dpt:us-srv
fail2ban-MAIL  tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,ms-v-worlds,pop3,pop3s,imap,imaps
fail2ban-FTP  tcp  --  anywhere             anywhere             tcp dpt:ftp
fail2ban-SSH  tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  k.78city.ru          anywhere
ACCEPT     all  --  k                    anywhere
ACCEPT     all  --  localhost            anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             multiport dports http,https
ACCEPT     tcp  --  anywhere             anywhere             multiport dports ftp,entextxid:12100
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             multiport dports smtp,urd,submission,ms-v-worlds
ACCEPT     tcp  --  anywhere             anywhere             multiport dports pop3,pop3s
ACCEPT     tcp  --  anywhere             anywhere             multiport dports imap,imaps
ACCEPT     tcp  --  anywhere             anywhere             multiport dports mysql,postgres
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:us-srv
ACCEPT     icmp --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
FORWARD_direct  all  --  anywhere             anywhere
FORWARD_IN_ZONES_SOURCE  all  --  anywhere             anywhere
FORWARD_IN_ZONES  all  --  anywhere             anywhere
FORWARD_OUT_ZONES_SOURCE  all  --  anywhere             anywhere
FORWARD_OUT_ZONES  all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere             ctstate INVALID
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
OUTPUT_direct  all  --  anywhere             anywhere

Chain FORWARD_IN_ZONES (1 references)
target     prot opt source               destination
FWDI_public  all  --  anywhere             anywhere            [goto]
FWDI_public  all  --  anywhere             anywhere            [goto]
FWDI_public  all  --  anywhere             anywhere            [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
target     prot opt source               destination

Chain FORWARD_OUT_ZONES (1 references)
target     prot opt source               destination
FWDO_public  all  --  anywhere             anywhere            [goto]
FWDO_public  all  --  anywhere             anywhere            [goto]
FWDO_public  all  --  anywhere             anywhere            [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target     prot opt source               destination

Chain FORWARD_direct (1 references)
target     prot opt source               destination

Chain FWDI_public (3 references)
target     prot opt source               destination
FWDI_public_log  all  --  anywhere             anywhere
FWDI_public_deny  all  --  anywhere             anywhere
FWDI_public_allow  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere

Chain FWDI_public_allow (1 references)
target     prot opt source               destination

Chain FWDI_public_deny (1 references)
target     prot opt source               destination

Chain FWDI_public_log (1 references)
target     prot opt source               destination

Chain FWDO_public (3 references)
target     prot opt source               destination
FWDO_public_log  all  --  anywhere             anywhere
FWDO_public_deny  all  --  anywhere             anywhere
FWDO_public_allow  all  --  anywhere             anywhere

Chain FWDO_public_allow (1 references)
target     prot opt source               destination

Chain FWDO_public_deny (1 references)
target     prot opt source               destination

Chain FWDO_public_log (1 references)
target     prot opt source               destination

Chain INPUT_ZONES (0 references)
target     prot opt source               destination
IN_public  all  --  anywhere             anywhere            [goto]
IN_public  all  --  anywhere             anywhere            [goto]
IN_public  all  --  anywhere             anywhere            [goto]

Chain INPUT_ZONES_SOURCE (0 references)
target     prot opt source               destination

Chain INPUT_direct (0 references)
target     prot opt source               destination

Chain IN_public (3 references)
target     prot opt source               destination
IN_public_log  all  --  anywhere             anywhere
IN_public_deny  all  --  anywhere             anywhere
IN_public_allow  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere

Chain IN_public_allow (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh ctstate NEW

Chain IN_public_deny (1 references)
target     prot opt source               destination

Chain IN_public_log (1 references)
target     prot opt source               destination

Chain OUTPUT_direct (1 references)
target     prot opt source               destination

Chain fail2ban-FTP (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-MAIL (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-SSH (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-VESTA (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain vesta (0 references)
target     prot opt source               destination
Не открывает тоже (


[root@k ~]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
мб ДНС какие на .РФ дописать ?
Яндекс ДНС
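iptables — не туда смотрите: судя по выводу выше, в цепочке INPUT уже есть ACCEPT для портов http,https, и после остановки iptables сайт тоже не открывается.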

Попробуйте добавить домен в формате Punycode, раз уж у Вас домен кириллический. Например, вестацп.рф будет выглядеть вот так: xn--80adj5big3a.xn--p1ai. И если будете на нём почту использовать, то хлопот не оберётесь.