can't initialize iptables table `filter

Discussion in 'Installation/Configuration' started by asmadius, Jul 20, 2006.

  1. asmadius

    asmadius New Member

    I have Debian 3.1 64 bit with php4 & 5 using the install guides from "perfect...."

    everything was ok the first 2-3 hours, but then everything got slower & slower, so this is the only thing I found as an error but I don't know how to fix this. I searched the forums, but I didn't find an answer.

    cp:~# iptables -L
    FATAL: Module ip_tables not found.
    iptables v1.2.11: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.​


    this is the kernel I'm using
    cp:~# uname -r
    2.6.17.6

    after rebooting it seemed to work but only shortly, getting into the hosting panel is ok but not the installed website.

    thanx for any help.

    BTW- my provider gave the server a name like SERVER.PROVIDER.DE - I reinstalled Debian and change the server to something like CP.MYDOMAIN.NET added to hosts, does this effect the installtion or sites?
     
  2. falko

    falko Super Moderator ISPConfig Developer

    Your kernel doesn't support iptables. Is it a vserver or a real machine?
    If you use the ISPConfig firewall, please switch it off.
     
  3. adrenalinic

    adrenalinic Member

    isp config not perform rules!

    hi.
    Whoi is name process of ispconfig firewall in the system??
    In my ispconfig firewall i have open service:

    FTP 21 tcp si
    SSH 22 tcp si
    SMTP 25 tcp si
    DNS 53 tcp si
    DNS 53 udp si
    WWW 80 tcp si
    ISPConfig 81 tcp si
    POP3 110 tcp si
    SSL (www) 443 tcp si

    but if perform a scanning port of my ip server, see another two ports open!!!

    119 [Description: News / Service: Unknown]
    and
    143 [Description: imap => Internet Message Access Protocol / Service: Unknown]

    I have addded a new rules in firewall config closing port 119 and 143 but the service not close this ports!

    this is my iptables rules:
    Chain INPUT (policy DROP)
    target prot opt source destination
    DROP tcp -- anywhere 127.0.0.0/8
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT all -- anywhere anywhere
    DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    PUB_IN all -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    DROP all -- anywhere anywhere

    Chain INT_IN (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain INT_OUT (0 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere
    ACCEPT all -- anywhere anywhere

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere
    PUB_OUT all -- anywhere anywhere

    Chain PAROLE (8 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere

    Chain PUB_IN (4 references)
    target prot opt source destination
    ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
    ACCEPT icmp -- anywhere anywhere icmp echo-reply
    ACCEPT icmp -- anywhere anywhere icmp time-exceeded
    ACCEPT icmp -- anywhere anywhere icmp echo-request
    PAROLE tcp -- anywhere anywhere tcp dpt:ftp
    PAROLE tcp -- anywhere anywhere tcp dpt:ssh
    PAROLE tcp -- anywhere anywhere tcp dpt:smtp
    PAROLE tcp -- anywhere anywhere tcp dpt:domain
    PAROLE tcp -- anywhere anywhere tcp dpt:www
    PAROLE tcp -- anywhere anywhere tcp dpt:81
    PAROLE tcp -- anywhere anywhere tcp dpt:pop3
    PAROLE tcp -- anywhere anywhere tcp dpt:https
    ACCEPT udp -- anywhere anywhere udp dpt:domain
    DROP icmp -- anywhere anywhere
    DROP all -- anywhere anywhere

    Chain PUB_OUT (4 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere


    any idea!?
    Help!!
    Thanks.
    Josef
     
    Last edited: Jul 29, 2006
  4. falko

    falko Super Moderator ISPConfig Developer

    Yes, because you run the portscan on the same system. iptables controls connections from outside, so you must run the portscan on another system, and it will show you the correct results.
     
  5. adrenalinic

    adrenalinic Member

    hi.
    i have make port scan from remote machine to my remote VPS!
    I want would ask you who is the logical management of firewall from Ispconfig.

    In howto to configure ispconfig, in howtoforge.com, not have see, any setting of firewall rules. How it works?
     
  6. falko

    falko Super Moderator ISPConfig Developer

    The ISPConfig firewall can be managed under Management -> Server -> Services.
     

Share This Page