firewall control

NodeWorx General Discussion
1

I may as well post my issue here as it seems Interworx support staff have lost their computer as they don’t reply to tickets.

I noticed when i got into the admin area the firewall control states STOPPED and i cant find a way to start this,

so i have a trial licence that i cant use, so cant test the control panel. maybe they will wait until trial is up and then answer my support expecting me to pay for something i have not been able to test.

2

Hi easyhostmedia

Welcome to IW forums

Thanks for you post but you have left a lot out if your asking for help from the forums.

Firstly though, did you complete the support request with IW in full ie enable remote support in nodeworx, open a support ticket and confirm remote support is enabled.

Also, when did you open your support ticket (please be aware Iw support operate on USA time), so I know I’m in front of them been in the UK.

If you have not told Iw support remote support is enabled, they will not know and not be able to help you.

In terms of asking forum for support, what is your distro, is it VPS or dedicated server, what Iw version are you using

Have you checked your logs for any errors in the firewall

Have you ssh into server to start manually and if errors, what is the error

Iw uses your distro for services

I hope that helps and I’m sure Iw will respond, and if your trial is near the end, perhaps would extend it for you given your post.

Many thanks

John

3

[QUOTE=d2d4j;27716]Hi easyhostmedia

Welcome to IW forums

Thanks for you post but you have left a lot out if your asking for help from the forums.

Firstly though, did you complete the support request with IW in full ie enable remote support in nodeworx, open a support ticket and confirm remote support is enabled.

Also, when did you open your support ticket (please be aware Iw support operate on USA time), so I know I’m in front of them been in the UK.

If you have not told Iw support remote support is enabled, they will not know and not be able to help you.

In terms of asking forum for support, what is your distro, is it VPS or dedicated server, what Iw version are you using

Have you checked your logs for any errors in the firewall

Have you ssh into server to start manually and if errors, what is the error

Iw uses your distro for services

I hope that helps and I’m sure Iw will respond, and if your trial is near the end, perhaps would extend it for you given your post.

Many thanks

John[/QUOTE]

yes enabled remote support in nodeworx which only remains active for 24 hrs and all info provided in support ticket.

the fact is i only installed IW yesterday and noticed the firewall states STOPPED and their is no way to enable this. IT is a VPS on Centos 6 and the IW version is v5.0.18
yes SSH will not start the firewall. no error logs as the firewall is the same as when installed.

[RIGHT][/RIGHT]

4

I had that issue when I installed InterWorx for the first time, and it was an OpenVZ VPS running CentOS 6.

First off, stop iptables via service iptables stop, then modify the file /etc/apf/conf. Change:


IFACE_UNTRUSTED="eth0"

to


IFACE_UNTRUSTED="venet0"

Then start iptables again (service iptables start) then go to NodeWorx and restart the firewall service from there.

Turns out it stays on eth0 even if it’s an OpenVZ install, and updating it from the selection via NodeWorx didn’t help.

5

[QUOTE=Liam;27720]I had that issue when I installed InterWorx for the first time, and it was an OpenVZ VPS running CentOS 6.

First off, stop iptables via service iptables stop, then modify the file /etc/apf/conf. Change:


IFACE_UNTRUSTED="eth0"

to


IFACE_UNTRUSTED="venet0"

Then start iptables again (service iptables start) then go to NodeWorx and restart the firewall service from there.

Turns out it stays on eth0 even if it’s an OpenVZ install, and updating it from the selection via NodeWorx didn’t help.[/QUOTE]

when i check that it showed IFACE_UNTRUSTED="", so changed this to IFACE_UNTRUSTED=“venet0” and restarted, but still no change

this is what i get though SSH

[root@peach ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: raw nat mangle f[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@peach ~]# service iptables start
iptables: No config file. [WARNING]
[root@peach ~]#

6

Hi easyhostmedia

That sounds like you do not have iptables file.

Can you confirm if you have or not

Many thanks

John

7

[QUOTE=easyhostmedia;27721]when i check that it showed IFACE_UNTRUSTED="", so changed this to IFACE_UNTRUSTED=“venet0” and restarted, but still no change

this is what i get though SSH

[root@peach ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: raw nat mangle f[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@peach ~]# service iptables start
iptables: No config file. [WARNING]
[root@peach ~]#[/QUOTE]

That’s odd, did you check (I’m sure you did, but double-checking just in case) the IFACE_TRUSTED option too? That file was my issue, but if it’s not there, I might have experienced something different I suppose.

8

I have the same output (on OpenVZ, venet0, etc…) but as I see the firewall is working. Try to block FTP or something in the firewall then connect to it, if firewall works the connection will be blocked!

9

Hi dss

I hope your well

Yes, creating a rule should create the iptables if it does not exist, but I’m thinking the original would be called iptables.old, and if so, it just needs renaming iptables and restart firewall

Many thanks

John

10

Hi John,

I’m fine, thanks!
You are right, or just create a file called iptables in /etc/sysconfig/ and iptables will start without warning.