We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Firewall blocks services after first reboot on a clean installation
Firewall blocks services after first reboot on a clean installation
I've installed the last vestacp release on a clean minimal Centos 7 installation with this config
After restart, firewall blocks all services access with this rule:
I've tried several installations with same result.
Is it an issue of the new release?
Code: Select all
bash vst-install.sh --nginx yes --apache yes --phpfpm no --named yes --remi yes --vsftpd no --proftpd no --iptables yes --fail2ban yes --quota no --exim yes --dovecot no --spamassassin no --clamav no --softaculous no --mysql yes --postgresql no --hostname host --email email@host --password xxxxx
Code: Select all
[Chain INPUT (policy ACCEPT 0 packets, 0 bytes)]
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Is it an issue of the new release?
Re: Firewall blocks services after first reboot on a clean installation
What is the output of the following command?
Code: Select all
v-list-firewall
Re: Firewall blocks services after first reboot on a clean installation
I have the same exact issue. Installed vestacp on a fresh centos 7.5Felix wrote: ↑Wed Jul 04, 2018 5:30 amWhat is the output of the following command?Code: Select all
v-list-firewall
If you reboot the server, all services stop working. (only ping works) unless you login to the console and stop firewalld service
I have taken screenshots for "v-list-firewall" and "iptables -L" commands (no attachment option here)
Re: Firewall blocks services after first reboot on a clean installation
Similar output like the one reported by @geekFelix wrote: ↑Wed Jul 04, 2018 5:30 amWhat is the output of the following command?Code: Select all
v-list-firewall
Re: Firewall blocks services after first reboot on a clean installation
In fact, services are up, BUT the firewall blocks ALL input connections due the REJECT ALL rule FROM 0.0.0.0/0 in the CHAIN INPUTgeek wrote: ↑Wed Jul 04, 2018 5:54 amI have the same exact issue. Installed vestacp on a fresh centos 7.5Felix wrote: ↑Wed Jul 04, 2018 5:30 amWhat is the output of the following command?Code: Select all
v-list-firewall
If you reboot the server, all services stop working. (only ping works) unless you login to the console and stop firewalld service
I have taken screenshots for "v-list-firewall" and "iptables -L" commands (no attachment option here)
Re: Firewall blocks services after first reboot on a clean installation
I understand the services are infact up, but why does it add drop all rule on reboot?
Re: Firewall blocks services after first reboot on a clean installation
Fix will be soon.
Try to restart iptables
Try to restart iptables
Code: Select all
service iptables restart
Re: Firewall blocks services after first reboot on a clean installation
well.. the point is that if it's an online server that you can only access over ssh... there is no option to restart iptables after that reboot :)imperio wrote: ↑Thu Jul 05, 2018 2:11 pmFix will be soon.
Try to restart iptablesCode: Select all
service iptables restart
Anyway, I added it as issue on github too yesterday.
Last edited by pabbae on Thu Jul 05, 2018 2:25 pm, edited 1 time in total.