Linux Firewall iptables restore

Hi

I’m new to Virtualmin and am facing a problem that I need your help with.
I’m using CentOS 6.5 and just installed Virtualmin with the defaults, without any custom configuration.
By accident, my Linux Firewall iptables rules were emptied and now my server is accepting every request. I searched for how to restore iptables to default but had no luck.
I know that reinstalling CentOS and a fresh new Virtualmin is a good option, but that is not the best solution. Could you please help by providing me with the default Linux Firewall iptables rules that I can apply to my server?
Thank you in advance

Hi,

If you want a basic firewall which is designed for hosting, simply do the following…

Go to:

Webmin > Networking > Linux Firewall

Click the button “Reset Firewall”

Choose “Block all except ports used for virtual hosting, on interface:” along with the interface facing the web. (usually something like “eth0”)

Click “Setup Firewall”

This will close all ports except those used for web hosting including the ports needed for Virtualmin and Usermin.

If you run into any other problems, or need advanced assistance, please feel free to contact me.

Best Regards, Peter Knowles TPN Solutions

Email: pknowles@tpnsolutions.com
Phone: 604-229-0715 (new)
Skype: tpnsupport
Website: http://www.tpnsolutions.com

Hi tpnsolutions,

Thanks for your help. I got my Linux Firewall as I wished.

You’ve made my day!

Hi,

Good to hear! If you have any other questions feel free to post them here, or drop me a line on Skype :)

Best Regards, Peter Knowles TPN Solutions


I have a similar problem. I installed Virtualmin on CentOS 6, but I don’t see any iptables rules on the Webmin - Networking - Linux Firewall page. I restarted iptables but that page is still empty. In the header it says: ‘Rules file /etc/sysconfig/iptables’, and when I look at this file there are many rules and it starts with ‘# Generated by webmin’. I’m afraid that Webmin rewrote the default CentOS 6 /etc/sysconfig/iptables file and broke something, and I can’t find what must be in that file by default. Before that I had Virtualmin on CentOS 5 and everything was OK there. My question is: how do I fix the Linux Firewall page in Webmin, and where can I find the default /etc/sysconfig/iptables file for CentOS 6? Thanks.

UPD: I found that if I set ‘Directly edit firewall rules instead of save file?’ to Yes then I can see the firewall rules. But what’s wrong with the default settings?

UPD2: OK, I got it, Webmin generated a wrong /etc/sysconfig/iptables file. Its filter section started like this:

# Generated by webmin
*filter
-A INPUT -p udp -m udp --dport ftp-data -j ACCEPT
-A INPUT -p udp -m udp --dport ftp -j ACCEPT

but it must be:

# Generated by webmin
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport ftp-data -j ACCEPT
-A INPUT -p udp -m udp --dport ftp -j ACCEPT

I.e. the default rules were missing. If you have the same problem, you can start iptables, save the output of the ‘iptables-save’ command, put it in /etc/sysconfig/iptables, and then you can see all the rules on the Linux Firewall page in Webmin.
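
Added example (not part of the thread and not Webmin's own code): a small check for the condition described in the last post, a *filter section whose :INPUT, :FORWARD and :OUTPUT lines are missing. It goes slightly further and also flags any chain used by a rule but never declared, and a table without COMMIT. The function names and both sample files are constructed for illustration; the COMMIT lines in the samples are an assumption, since the post shows only the start of the file.

```python
import re
import sys

# Built-in chains of the filter table, as listed in the corrected file above.
FILTER_BUILTINS = ("INPUT", "FORWARD", "OUTPUT")

# Constructed samples based on the two snippets in the post.
BROKEN = """# Generated by webmin
*filter
-A INPUT -p udp -m udp --dport ftp-data -j ACCEPT
-A INPUT -p udp -m udp --dport ftp -j ACCEPT
COMMIT
"""
FIXED = BROKEN.replace("*filter\n", "*filter\n:INPUT ACCEPT [0:0]\n"
                       ":FORWARD ACCEPT [0:0]\n:OUTPUT ACCEPT [0:0]\n")

def parse(text):
    """Collect declared chains, chains used by rules and COMMIT state per table."""
    tables, current = {}, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):
            current = tables.setdefault(
                line[1:], {"declared": set(), "used": [], "committed": False})
        elif current is None:
            raise ValueError("line %d: content outside a *table section" % lineno)
        elif line == "COMMIT":
            current["committed"] = True
            current = None
        elif re.match(r":(\S+)", line):
            current["declared"].add(re.match(r":(\S+)", line).group(1))
        elif re.match(r"-[AI]\s+(\S+)", line):
            current["used"].append(re.match(r"-[AI]\s+(\S+)", line).group(1))
    return tables

def lint(text):
    """Return a list of problems found in iptables-save formatted text."""
    problems = []
    for name, table in parse(text).items():
        required = list(FILTER_BUILTINS) if name == "filter" else []
        required += [c for c in dict.fromkeys(table["used"]) if c not in required]
        problems += ["%s: chain %s is not declared" % (name, c)
                     for c in required if c not in table["declared"]]
        if not table["committed"]:
            problems.append("%s: no COMMIT line" % name)
    return problems

if __name__ == "__main__":
    # With a path argument, check that file; otherwise check the broken sample.
    data = open(sys.argv[1]).read() if len(sys.argv) > 1 else BROKEN
    print("\n".join(lint(data)) or "no problems found")
```

Run it with the rules file as its argument, for example /etc/sysconfig/iptables, before restarting iptables.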