OpenVZ Forum: Support » *RESOLVED* iptables

Home » General » Support » *RESOLVED* iptables

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

*RESOLVED* iptables [message #14282]

Thu, 21 June 2007 14:01

sspt
Messages: 100
Registered: August 2006
Location: Portugal

Senior Member

Hello,
I've noticed that i can't start iptables under centos 4 templates (Centos 5 node)

[root@awknet01 ~]# uname -a
Linux hostname 2.6.18-8.1.4.el5.028stab035.1PAE #1 SMP Sat Jun 9 02:27:12 MSD 2007 i686 athlon i386 GNU/Linux

[root@hib ~]# cat /etc/issue
CentOS release 4.5 (Final)
[root@hib ~]# iptables --version
iptables v1.2.11
[root@hib ~]# service iptables start
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: mangle filter             [  OK  ]
[root@hib ~]# service iptables status
Firewall is stopped.

[root@hib /]# cat /etc/issue
CentOS release 5 (Final)
[root@hib /]# iptables --version
iptables v1.3.5
[root@hib /]# service iptables start
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: mangle filter             [  OK  ]
[root@hib /]# service iptables status
Table: mangle
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination

Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Anyone having the same issues?

http://static.openvz.org/userbars/openvz-user.png

[Updated on: Fri, 22 June 2007 12:06] by Moderator

Report message to a moderator

Re: iptables [message #14291 is a reply to message #14282]

Thu, 21 June 2007 15:09

Vasily Tarasov
Messages: 1345
Registered: January 2006

Senior Member

Hello,

what exactly bothers you? Wink

I see that kernel modules are loaded and you can observe tables... Probably you can't load some rules?.. What exact rules?

Thanks,
Vasily.

Report message to a moderator

Re: iptables [message #14293 is a reply to message #14291]

Thu, 21 June 2007 15:15

sspt
Messages: 100
Registered: August 2006
Location: Portugal

Senior Member

Sorry, i've messed the post i guess Mad

The first 'quote' is from a CentOS 4 VE under CentOS 5 HN : iptables not working

The second 'quote' is from a CentOS 5 VE under CentOS 5 HN : iptables working

Report message to a moderator

Re: iptables [message #14308 is a reply to message #14293]

Fri, 22 June 2007 05:48

Vasily Tarasov
Messages: 1345
Registered: January 2006

Senior Member

Please, try to find out, why `sevice iptables status` thinks, that iptables is stopped...

Vasily.

Report message to a moderator

Re: iptables [message #14320 is a reply to message #14308]

Fri, 22 June 2007 10:34

sspt
Messages: 100
Registered: August 2006
Location: Portugal

Senior Member

Seems like a /etc/init.d/iptables bug.

[root@hib /]# iptables -A OUTPUT -p icmp -j DROP

[root@hib /]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DROP       icmp --  anywhere             anywhere

[root@hib /]# service iptables status
Firewall is stopped.

Since iptables -L show the rules and we can't ping the vps it seems to be working Smile