#1  
Old 14th November 2010, 18:41
sxlderek sxlderek is offline
Junior Member
  
Join Date: Nov 2010
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Smile how to clear iptables
Hello everybody,

First of all, I am new to Ispconfig and sorry of my bad english.

I installed Ispconfig3 on 2 Debian Lenny VPS server, according to the "A Multiserver setup.... on Debian" guide.

But I have only 2 server:

server1 is: Apache+MySQL..etc+DNS+Ispconfig Web interface
server2 is: Mail+Clamav...etc+DNS+Ispconfig (without web interface)

After Install, everything seems fine.

And then I enable the firewall (in Ispconfig) on both server.
Now, both server cannot ping any hostname, but can only ping IP addresses.

Then, I turn off the firewall (via Ispconfig) on both server,

The firewall on Server1 is cleared, (IPTABLE -L is empty)

But, on Server2, all iptables rules are still there.

My questions:

1. How to clear the iptables rules on my Server2?

2. Is there a way to re-configure Ispconfig to stop managing firewall without re-installing Ispconfig?

3. On Server2, I run /usr/local/ispconfig/server.sh, I got the following output
Code:
sh: repquota: command not found
sh: repquota: command not found
/usr/bin/fail2ban-client
/sbin/bastille-netfilter: line 225: modprobe: command not found
iptables v1.4.2: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
:
/sbin/bastille-netfilter: line 272: modprobe: command not found
:
iptables: Invalid argument
:
I believe this is caused by mis-configured Iptables on my host machines (the physical host). My host is Proxmox and my VPS are OpenVZs. What is needed to be done on my physical host? Any link to step-by-step instructions?

Thank you in advance
Reply With Quote
Sponsored Links
  #2  
Old 15th November 2010, 14:34
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,594 Times in 2,445 Posts
Default
What's the output of
Code:
which modprobe
and
Code:
cat /proc/user_beancounters
on the second server?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 15th November 2010, 17:16
sxlderek sxlderek is offline
Junior Member
  
Join Date: Nov 2010
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Thank you falko,

which modprobe return nothing

user_beancounters return the following:

Code:
h12:/# which modprobe
h12:/# cat /proc/user_beancounters
Version: 2.5
       uid  resource                     held              maxheld              barrier                limit              failcnt
      104:  kmemsize                  6332962              9670622  9223372036854775807  9223372036854775807                    0
            lockedpages                     0                  410               262144               262144                    0
            privvmpages                122406               152925               524288               536788                    0
            shmpages                      640                 2016  9223372036854775807  9223372036854775807                    0
            dummy                           0                    0                    0                    0                    0
            numproc                        69                   88                 1024                 1024                    0
            physpages                   58023                81449                    0  9223372036854775807                    0
            vmguarpages                     0                    0               524288  9223372036854775807                    0
            oomguarpages                58023                81449               524288  9223372036854775807                    0
            numtcpsock                     19                   31  9223372036854775807  9223372036854775807                    0
            numflock                       10                   16  9223372036854775807  9223372036854775807                    0
            numpty                          1                    3                  255                  255                    0
            numsiginfo                      0                   12                 1024                 1024                    0
            tcpsndbuf                  333056               383232  9223372036854775807  9223372036854775807                    0
            tcprcvbuf                  311296               599808  9223372036854775807  9223372036854775807                    0
            othersockbuf               273408               326144  9223372036854775807  9223372036854775807                    0
            dgramrcvbuf                     0                 8448  9223372036854775807  9223372036854775807                    0
            numothersock                  156                  188  9223372036854775807  9223372036854775807                    0
            dcachesize                 663570               716292  9223372036854775807  9223372036854775807                    0
            numfile                      2920                 4402  9223372036854775807  9223372036854775807                    0
            dummy                           0                    0                    0                    0                    0
            dummy                           0                    0                    0                    0                    0
            dummy                           0                    0                    0                    0                    0
            numiptent                      64                   65  9223372036854775807  9223372036854775807                    0
h12:/#
thank you again
Reply With Quote
  #4  
Old 16th November 2010, 16:28
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,594 Times in 2,445 Posts
Default
Please install module-init-tools:
Code:
apt-get install module-init-tools
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 21st November 2010, 18:26
sxlderek sxlderek is offline
Junior Member
  
Join Date: Nov 2010
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default
Thank you for your help,

I cannot modprobe because my box is a OpenVZ virtual machine.

Anyway, I will get a KVM based virtual machine soon, hopefully KVM will solve the problem.

Thank you again.
Reply With Quote
Reply

Bookmarks

Tags
firewall, multiserver

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Companion Script #2 for The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]" MrCompTech Tips/Tricks/Mods 0 10th July 2010 05:11
Faster Postfix problems pedrovalmor Installation/Configuration 6 10th June 2010 22:11
Iptables gateway with one lan adapter tsmr Installation/Configuration 1 7th August 2008 12:02
IPtables rule to let PPTP access LAN brianwebb01 Installation/Configuration 0 1st May 2008 21:23
Match IP with MAC using iptables for squid block cooljai Server Operation 0 30th August 2007 18:30


All times are GMT +2. The time now is 22:16.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.