Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
iptables causes sites to stop working [SOLVED]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 5362

PostPosted: Mon Jul 21, 2014 1:19 pm    Post subject: iptables causes sites to stop working [SOLVED] Reply with quote

I've been noticing that my sites stop working after a day or so. Restarting services one at a time to find the culprit, I found that my sites started working after restarting iptables:

Code:

 * Flushing firewall rules iptables                                                                                          [ OK ]
 * Setting chains to policy ACCEPT                                                                                                   raw nat mangle filter                                                                                                       [ OK ]
Unloading iptables moduleslibkmod: ERROR ../libkmod/libkmod-module.c:1619 kmod_module_new_from_loaded: could not open /proc/modules: No such file or directory
Error: could not get list of modules: No such file or directory
grep: /proc/modules: No such file or directory
libkmod: ERROR ../libkmod/libkmod-module.c:1619 kmod_module_new_from_loaded: could not open /proc/modules: No such file or directory
Error: could not get list of modules: No such file or directory
grep: /proc/modules: No such file or directory
                                                                                                                             [ OK ]
 * Applying iptables firewall rules 


What's going on, and how should I fix it?
_________________
Gentoo Studio: http://gentoostudio.org
Facebook: http://www.facebook.com/gentoostudio
G+: https://plus.google.com/113947758237122861689/posts
Linux 'Tude Tees: http://moodytudetees.com/index.php/linux-tude-tees


Last edited by audiodef on Tue Jul 22, 2014 1:45 pm; edited 1 time in total
Back to top
View user's profile Send private message
Sysa
Apprentice
Apprentice


Joined: 16 Mar 2005
Posts: 160
Location: Europe

PostPosted: Mon Jul 21, 2014 8:35 pm    Post subject: Re: iptables causes sites to stop working Reply with quote

Do you have modules enabled in your kernel?
_________________
RedHat -> SuSE -> Debian -> Gentoo
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 5362

PostPosted: Mon Jul 21, 2014 8:55 pm    Post subject: Reply with quote

No, and I don't want to mess with the kernel because it's a hosted server. But I think the problem is I need to figure out which file I should edit to set IPTABLES_MODULES_UNLOAD to "no".
_________________
Gentoo Studio: http://gentoostudio.org
Facebook: http://www.facebook.com/gentoostudio
G+: https://plus.google.com/113947758237122861689/posts
Linux 'Tude Tees: http://moodytudetees.com/index.php/linux-tude-tees
Back to top
View user's profile Send private message
Hu
Watchman
Watchman


Joined: 06 Mar 2007
Posts: 9393

PostPosted: Tue Jul 22, 2014 1:01 am    Post subject: Reply with quote

Usually the answer is the file of the same name in /etc/conf.d. However, my init scripts do not look like they could generate some of the output you posted. Are you using some system other than openrc?
Back to top
View user's profile Send private message
audiodef
Watchman
Watchman


Joined: 06 Jul 2005
Posts: 5362

PostPosted: Tue Jul 22, 2014 1:44 pm    Post subject: Reply with quote

I found what I was looking for in /etc/init.d/iptables. I didn't think of it because I've always edited conf files, not init scripts. But it works now.

(Of course, it's going to get wiped out when iptables gets updated, but I'll just keep an eye out for it and make the change again when I need to.)
_________________
Gentoo Studio: http://gentoostudio.org
Facebook: http://www.facebook.com/gentoostudio
G+: https://plus.google.com/113947758237122861689/posts
Linux 'Tude Tees: http://moodytudetees.com/index.php/linux-tude-tees
Back to top
View user's profile Send private message
steveL
Advocate
Advocate


Joined: 13 Sep 2006
Posts: 3767
Location: The Peanut Gallery

PostPosted: Tue Jul 22, 2014 4:54 pm    Post subject: Reply with quote

audiodef wrote:
I found what I was looking for in /etc/init.d/iptables. I didn't think of it because I've always edited conf files, not init scripts. But it works now.

(Of course, it's going to get wiped out when iptables gets updated, but I'll just keep an eye out for it and make the change again when I need to.)

I don't have that init.d file; what package is it from? qfile /etc/init.d/iptables as I'm sure you know.

If you can post the diff (and url of original file if you have it) then we could look to filing a bug once it's genericised. Though I'd like to check it's not something you can already do.
Back to top
View user's profile Send private message
Chiitoo
Veteran
Veteran


Joined: 28 Feb 2010
Posts: 1003
Location: Here and Away Again

PostPosted: Tue Jul 22, 2014 5:56 pm    Post subject: Reply with quote

steveL wrote:
I don't have that init.d file; what package is it from?

I do:

Code:
$ equery b /etc/init.d/iptables
 * Searching for /etc/init.d/iptables ...
net-firewall/iptables-1.4.21-r1 (/etc/init.d/iptables)

Here bee the file: Contents of /net-firewall/iptables/files/iptables-1.4.13-r1.init
_________________
Kind Regards,
~ The Noob Unlimited ~

Sore wa sore, kore wa kore.
Back to top
View user's profile Send private message
steveL
Advocate
Advocate


Joined: 13 Sep 2006
Posts: 3767
Location: The Peanut Gallery

PostPosted: Thu Jul 24, 2014 3:51 pm    Post subject: Reply with quote

Chiitoo wrote:
Here bee the file: Contents of /net-firewall/iptables/files/iptables-1.4.13-r1.init

Cheers Chiitoo :) Wow, that's.. rather "special" as USians say. Still we can clean that up in the mix. So what changes did you make to set IPTABLES_MODULES_UNLOAD to "no", audiodef?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum