I’ve upgraded Ubuntu to 22.04 some days ago.
Now I have an issue after reboot. The firewall seems to block everything;
I only get things up and working again if I log in via the “connected console” on the server and execute the following command:
iptables -P INPUT ACCEPT
It seems that a rule is breaking the whole iptables service.
What is the best way to figure out which rule is the cause of the issue?
iptables -S returns this:
-P FORWARD DROP
-P OUTPUT ACCEPT
-N f2b-nginx-badbots
-N f2b-postfix-sasl
-N f2b-proftp_noSuchUser
-A INPUT -p tcp -j f2b-nginx-badbots
-A INPUT -p tcp -m multiport --dports 0:65535 -j f2b-proftp_noSuchUser
-A f2b-nginx-badbots -s 98.71.20.249/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-badbots -s 95.214.25.83/32 -j REJECT --reject-with icmp-port-unreachable
...(hundreds of that nginx-badbots rules)
-A f2b-nginx-badbots -j RETURN
-A f2b-postfix-sasl -j RETURN
-A f2b-proftp_noSuchUser -s 94.140.48.197/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-proftp_noSuchUser -s 94.131.241.75/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-proftp_noSuchUser -j RETURN
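One way to answer the "which rule is the cause" question is to bisect the dump with `iptables-restore --test`, which parses a ruleset without committing it. The script below is an added example, not from the original post or from Webmin or fail2ban; it assumes the rules are fed in `iptables -S` style (`-P`/`-N`/`-A` lines inside a `*filter` ... `COMMIT` wrapper, which iptables-restore passes through its normal command parser) and uses a constructed sample with documentation addresses in place of the real ones.

```python
import subprocess
from typing import Callable, List

# Constructed sample modelled on the thread's `iptables -S` output
# (192.0.2.x are documentation addresses, not the real banned hosts).
SAMPLE_DUMP = """\
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-N f2b-nginx-badbots
-N f2b-proftp_noSuchUser
-A INPUT -p tcp -j f2b-nginx-badbots
-A INPUT -p tcp -m multiport --dports 0:65535 -j f2b-proftp_noSuchUser
-A f2b-nginx-badbots -s 192.0.2.10/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-nginx-badbots -j RETURN
-A f2b-proftp_noSuchUser -s 192.0.2.20/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-proftp_noSuchUser -j RETURN
"""

def split_dump(dump: str):
    """Separate policy/chain declarations (always needed) from append rules."""
    lines = [l for l in dump.splitlines() if l and not l.startswith("#")]
    preamble = [l for l in lines if not l.startswith("-A ")]
    rules = [l for l in lines if l.startswith("-A ")]
    return preamble, rules

def restore_accepts(preamble: List[str], rules: List[str]) -> bool:
    """Parse a *filter dump with `iptables-restore --test`; nothing is committed."""
    dump = "*filter\n" + "\n".join(preamble + rules) + "\nCOMMIT\n"
    proc = subprocess.run(["iptables-restore", "--test"], input=dump,
                          capture_output=True, text=True)
    return proc.returncode == 0

def find_bad_rules(preamble: List[str], rules: List[str],
                   accepts: Callable[[List[str], List[str]], bool] = restore_accepts) -> List[str]:
    """Bisect the append rules so hundreds of fail2ban entries need only a
    handful of test runs. Every probe keeps the full preamble, so a rule is
    never rejected merely because its chain was left undeclared."""
    if not rules or accepts(preamble, rules):
        return []
    if len(rules) == 1:
        return list(rules)
    mid = len(rules) // 2
    return (find_bad_rules(preamble, rules[:mid], accepts)
            + find_bad_rules(preamble, rules[mid:], accepts))

if __name__ == "__main__":
    pre, rules = split_dump(SAMPLE_DUMP)
    for bad in find_bad_rules(pre, rules):
        print("rejected by iptables-restore:", bad)
```

On the live box, feed it `iptables-save` or the file the Webmin firewall module writes instead of the sample; the `accepts` parameter exists so the bisection can be exercised without root.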
I also found the following in the logs:
ERROR: COMMAND_FAILED: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.8.7 (nf_tables): invalid port/service `1-65535' specified
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
Then after a reboot the firewall rules are still in the file and shown in the “Linux IPTables Firewall” module. (If I change that back to “yes” the rules disappear after reboot again!)
But …
…I’ve found that firewallD was not running. So I pressed the button to start it… and Webmin was unavailable again.
I had to open the server console again and allow the SSH and Webmin ports to be accessible… even though I have them added in firewallD:
Firewalld is a frontend for iptables … but look at the log files for firewalld for the startup errors. A quick summary is obtained by ‘sudo service firewalld status’; fix whatever error it shows.
This looks as if it should still work fine … so do you run fail2ban? If so, try stopping fail2ban and starting firewalld, and see if you still have the problem. That rules out fail2ban adding your IP to firewalld’s data set.
I don’t see why or how that could happen (any explanation is very welcome).
But after I disabled ufw, “firewallD” works again like before the distribution upgrade of Ubuntu 20.04 LTS to 22.04 LTS.
Never had that on a distribution upgrade before; however, I tend to remove ufw as I don’t use it, so I may never have hit this one. Good to see you’re working again.