I think I might have set the default action to reject at the bottom of page; I though it applied to action, when I hit add; my bad; that is a bad option to have on a page like this.
My guess is that it altered the etc/sysconifg/iptables file to set it to reject; I have to drive to a remote colo to fix it; I was just hoping I’m right; once I get down there I have no resources to find the answer on how to fix this.
can you remote log in to a RAC card or a console through your hosting ISP?
Else you have to go there and log in, go to the iptables file and remove the offending line.
You could also submit a ticket and have the colocater do it for you.
I just got in; I colo out of town; had to drive there and back; I got there, no idea what I was going to do to fix it; I didn’t have firefox installed, nor could I, since this took down both incoming and outgoing internet; I saw a iptables.save; boy did it save me; restarted iptables and installed firefox; then I got in and added a reject for the whole 59.65.0.0 subnet (China, I do believe); now I’m not getting DOS attacks; nor do I car if they can get to any of my sites.
I know what I did now; I was looking at the “Set to Default” select dropdown, I though I had to hit the “Set to Default” button to save this option; didn’t think about it again; then I hit "add rule, which must have done a submit and set the default to what ever state I had it in; which must have been Drop; they need to add an onchange script to check for state being Drop, and change text to red and warn you that if you do this, you will loss all internet connects both incoming and outgoing; why you would have an option to kill your server is beyond me, since you can not change it back unless you are physically at the server.