View previous topic :: View next topic |
Author |
Message |
audiodef Watchman
Joined: 06 Jul 2005 Posts: 6639 Location: The soundosphere
|
Posted: Mon Jul 21, 2014 1:19 pm Post subject: iptables causes sites to stop working [SOLVED] |
|
|
I've been noticing that my sites stop working after a day or so. Restarting services one at a time to find the culprit, I found that my sites started working after restarting iptables:
Code: |
* Flushing firewall rules iptables [ OK ]
* Setting chains to policy ACCEPT raw nat mangle filter [ OK ]
Unloading iptables moduleslibkmod: ERROR ../libkmod/libkmod-module.c:1619 kmod_module_new_from_loaded: could not open /proc/modules: No such file or directory
Error: could not get list of modules: No such file or directory
grep: /proc/modules: No such file or directory
libkmod: ERROR ../libkmod/libkmod-module.c:1619 kmod_module_new_from_loaded: could not open /proc/modules: No such file or directory
Error: could not get list of modules: No such file or directory
grep: /proc/modules: No such file or directory
[ OK ]
* Applying iptables firewall rules
|
What's going on, and how should I fix it? _________________ decibel Linux: https://decibellinux.org
Github: https://github.com/Gentoo-Music-and-Audio-Technology
Facebook: https://www.facebook.com/decibellinux
Discord: https://discord.gg/73XV24dNPN
Last edited by audiodef on Tue Jul 22, 2014 1:45 pm; edited 1 time in total |
|
Back to top |
|
|
Sysa Apprentice
Joined: 16 Mar 2005 Posts: 161 Location: Europe
|
Posted: Mon Jul 21, 2014 8:35 pm Post subject: Re: iptables causes sites to stop working |
|
|
Do you have modules enabled in your kernel? _________________ RedHat -> SuSE -> Debian -> Gentoo |
|
Back to top |
|
|
audiodef Watchman
Joined: 06 Jul 2005 Posts: 6639 Location: The soundosphere
|
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21630
|
Posted: Tue Jul 22, 2014 1:01 am Post subject: |
|
|
Usually the answer is the file of the same name in /etc/conf.d. However, my init scripts do not look like they could generate some of the output you posted. Are you using some system other than openrc? |
|
Back to top |
|
|
audiodef Watchman
Joined: 06 Jul 2005 Posts: 6639 Location: The soundosphere
|
|
Back to top |
|
|
steveL Watchman
Joined: 13 Sep 2006 Posts: 5153 Location: The Peanut Gallery
|
Posted: Tue Jul 22, 2014 4:54 pm Post subject: |
|
|
audiodef wrote: | I found what I was looking for in /etc/init.d/iptables. I didn't think of it because I've always edited conf files, not init scripts. But it works now.
(Of course, it's going to get wiped out when iptables gets updated, but I'll just keep an eye out for it and make the change again when I need to.) |
I don't have that init.d file; what package is it from? qfile /etc/init.d/iptables as I'm sure you know.
If you can post the diff (and url of original file if you have it) then we could look to filing a bug once it's genericised. Though I'd like to check it's not something you can already do. |
|
Back to top |
|
|
Chiitoo Administrator
Joined: 28 Feb 2010 Posts: 2573 Location: Here and Away Again
|
Posted: Tue Jul 22, 2014 5:56 pm Post subject: |
|
|
steveL wrote: | I don't have that init.d file; what package is it from? |
I do:
Code: | $ equery b /etc/init.d/iptables
* Searching for /etc/init.d/iptables ...
net-firewall/iptables-1.4.21-r1 (/etc/init.d/iptables) |
Here bee the file: Contents of /net-firewall/iptables/files/iptables-1.4.13-r1.init _________________ Kindest of regardses. |
|
Back to top |
|
|
steveL Watchman
Joined: 13 Sep 2006 Posts: 5153 Location: The Peanut Gallery
|
Posted: Thu Jul 24, 2014 3:51 pm Post subject: |
|
|
Cheers Chiitoo :) Wow, that's.. rather "special" as USians say. Still we can clean that up in the mix. So what changes did you make to set IPTABLES_MODULES_UNLOAD to "no", audiodef? |
|
Back to top |
|
|
|