Old 12-01-2011, 10:20 PM   #16
deep27ak
Senior Member
 

Quote:
Originally Posted by agriz View Post
I am using CentOS 6
sorry for the typing mistake

Code:
# iptables -D INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
and
Code:
# iptables -A INPUT -i eth0 -d 192.168.0.0/24 -p tcp --dport 80 -j ACCEPT
check your iptables
Code:
#iptables -L
#iptables -vnL
#iptables -nL
Code:
#service httpd restart
check your browser
for further information on usage of switches with iptables check man page

Code:
#man iptables
 
Old 12-02-2011, 01:16 AM   #17
agriz
Member
 
Original Poster
The list is very big. I am unable to get it by scrolling.

Quote:

Chain TALLOW (2 references)
target prot opt source destination

Chain TDENY (2 references)
target prot opt source destination

Chain TGALLOW (2 references)
target prot opt source destination

Chain TGDENY (2 references)
target prot opt source destination

Chain TMP_DROP (2 references)
target prot opt source destination
I am using DenyDns too.
 
Old 12-02-2011, 01:26 AM   #18
deep27ak
Senior Member
 
Quote:
Originally Posted by agriz View Post
The list is very big. I am unable to get it by scrolling.



I am using DenyDns too.
Use the two iptables commands which I gave you.

The first will delete the earlier firewall rule

and the second will create a new rule for Apache.

Then check whether it's working or not

or you can show the output of

Code:
#iptables -L
 
Old 12-02-2011, 01:30 AM   #19
agriz
Member
 
Original Poster
Quote:
iptables -Lnv
Quote:
iptables: No chain/target/match by that name.
Quote:
iptables -L
Again I am getting the big list as I posted in the previous post.
It is still displaying result.
 
Old 12-02-2011, 01:36 AM   #20
acid_kewpie
Moderator
 
Sorry, the order of the options matters: "iptables -vnL", my bad.
 
Old 12-02-2011, 02:11 AM   #21
deep27ak
Senior Member
 
after giving the iptables rule which I said are you able to connect apache?
 
Old 12-02-2011, 02:32 AM   #22
agriz
Member
 
Original Poster
Quote:
Originally Posted by deep27ak View Post
after giving the iptables rule which I said are you able to connect apache?
no.
Still not loading.
 
Old 12-02-2011, 02:43 AM   #23
agriz
Member
 
Original Poster
Quote:
Originally Posted by acid_kewpie View Post
Sorry, the order of the options matters: "iptables -vnL", my bad.
I am getting the same list.
 
Old 12-02-2011, 02:51 AM   #24
agriz
Member
 
Original Poster
Can we delete all the rules from IPTABLES permanently?

I just want to allow pureftpd port, httpd port, + 8080, ssh port 1234 (eg)
I am already blocking all ssh access except my ip range using denyhosts

Pureftpd

Quote:
Response:530 Login authentication failed
Error: Critical error
Error: Could not connect to server
But I am sure the login is correct. TLS is enabled in pureftpd
 
Old 12-02-2011, 03:02 AM   #25
deep27ak
Senior Member
 
Quote:
Originally Posted by agriz View Post
Can we delete all the rules from IPTABLES permanently?

I just want to allow pureftpd port, httpd port, + 8080, ssh port 1234 (eg)
I am already blocking all ssh access except my ip range using denyhosts

Pureftpd



But I am sure the login is correct. TLS is enabled in pureftpd
Are you sure to delete all rules because those rules might have been created by someone intentionally

you can use iptables -F to flush all rules

Code:
#iptables -F
to check use

Code:
#iptables -L
you can use
Code:
#service iptables stop
instead of deleting all rules

to check if your server is running properly or not

Last edited by deep27ak; 12-02-2011 at 03:03 AM.
 
Old 12-02-2011, 03:05 AM   #26
agriz
Member
 
Original Poster
What do you mean by someone intentionally?
If CentOS 6's firewall is not creating any rule, then I don't think anybody other than me has access to create rules.

I am again going to drop all the ports from iptables once it is clean.
So, I can enable pureftpd, httpd, and sshd

iptables -F -- is flush not temporary? If I restart, it will get all the rules, won't it?
 
Old 12-02-2011, 03:14 AM   #27
acid_kewpie
Moderator
 
you will get the rules, yes. You can edit the file /etc/sysconfig/iptables directly to change them or run "/etc/init.d/iptables save" to save the current state back to that file.
 
Old 12-02-2011, 03:16 AM   #28
deep27ak
Senior Member
 
Quote:
Originally Posted by agriz View Post
What do you mean by someone intentionally?
If CentOS 6's firewall is not creating any rule, then I don't think anybody other than me has access to create rules.

I am again going to drop all the ports from iptables once it is clean.
So, I can enable pureftpd, httpd, and sshd

iptables -F -- is flush not temporary? If I restart, it will get all the rules, won't it?
check your iptables

Code:
#vi /etc/sysconfig/iptables
it must contain all the rules


Code:
#iptables -F

#service iptables save

#service iptables restart

#vi /etc/sysconfig/iptables
 
Old 12-02-2011, 03:34 AM   #29
agriz
Member
 
Original Poster
Quote:
vi /etc/sysconfig/iptables
The file is not there.

Quote:
#iptables -F
#service iptables save
#service iptables restart
After this, I guess all the rules will be permanently deleted.

Quote:
iptables -P INPUT DROP
Quote:
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
Quote:
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
Quote:
iptables -A INPUT -i eth0 -p tcp --dport 21 -j ACCEPT
Will it work out?
 
Old 12-02-2011, 04:40 AM   #30
deep27ak
Senior Member
 
I am not very sure if that will work

you can give a try
or you can do as I said

No issues if there is no iptables in sysconfig

Code:
#iptables -F
#service iptables save

#service iptables restart
check whether you still see all the rules
Code:
#iptables -L
 
  

