0
Under review

After enabling iptables firewall, server can't connect to anturis

eckelon 6 years ago updated by Alexander Artamonov (Here to help) 6 years ago 3

Hello,


I configured some anturis components and everything was ok until I enabled iptables.

I've search in this forum about this issue but found nothing. As far
I've read, anturis use any open port so the only thing to do is enabling
input/output access through anturis IP, that's why I added this 2 lines in my iptables config, but it still cant connect.


-A INPUT -p tcp -s 67.225.148.163 -j ACCEPT
-A OUTPUT -p tcp -d 67.225.148.163 -j ACCEPT


Any idea of what's going on?

Thanks so much!

Under review

Hi!


Could you please share the whole output of "# iptables -L"?


Thanks.

Hello!


this is my iptables -L output:

Chain INPUT (policy DROP)
target     prot opt source               destination         
fail2ban-ssh  tcp  --  anywhere             anywhere             multiport dports ssh
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http-alt
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:smtp ctstate NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:submission ctstate NEW,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ftp-data
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:mysql
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:2812
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:6379
ACCEPT     tcp  --  anturis.com          anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anturis.com         

Could you please also execute "iptables -nvL"?


Please also share contents of /opt/anturis/log.


Thank you!