LinuxQuestions.org - [SOLVED] Iptables with Netfilter Problem

- Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)

- - Iptables with Netfilter Problem (http://www.linuxquestions.org/questions/linux-newbie-8/iptables-with-netfilter-problem-895747/)

Iptables with Netfilter Problem

Hello, I have a CentOS 5.5 x64 Xen VPS. I installed Webmin, Pure-FTPD and, OpenVPN. My problem is none of them can't connect to the VPS. When I look into the Iptables, there is a Netfilter thing. Is there a way to remove or disable this?

you can edit the rules table using iptables -D chain x with chain = INPUT or OUTPUT or FORWARD and x = the rule number
if it's a rule of the nat table you have to add -t nat.

spring logout

I already added the rules for my VPN. Still I can't connect.

Code:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 123.123.123.123

Tried also with Masquerading, but no luck. However, I can connect to the VPN when iptables is disabled but I need iptables to route the traffic from VPS to my clients.

Submitted a ticket to the host but no response.:banghead:

How about you post the (possibly anonymised?) output of
iptables -L
so we can see what's actually being done?

Here it is:

Code:

[root@vps1 ~]# iptables -L

Chain INPUT (policy ACCEPT)

target     prot opt source               destination

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp

RH-Firewall-1-INPUT  all  --  anywhere             anywhere



Chain FORWARD (policy ACCEPT)

target     prot opt source               destination

RH-Firewall-1-INPUT  all  --  anywhere             anywhere



Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination



Chain RH-Firewall-1-INPUT (2 references)

target     prot opt source               destination

ACCEPT     all  --  anywhere             anywhere

ACCEPT     icmp --  anywhere             anywhere            icmp any

ACCEPT     esp  --  anywhere             anywhere

ACCEPT     ah   --  anywhere             anywhere

ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns

ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp

ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED                           

ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh                                  

REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Since all your policies are ACCEPT, and the first rule in
RH-Firewall-1-INPUT explicitly allows any traffic I don't think
that iptables is what's giving you grief.

Right. I just re-read the entire thread; can you please give a bit
more detail on the whole set-up? Your VPS is hosted on what machine?
Where did you install the aforementioned programs? Can you connect to
the VPS at all, in any way? You have full access to the machine that
hosts your VPS? Can that machine talk to the VPS?

Cheers,
Tink

Hello, I solved my problem with the help of this blog. I have to manually add the port that I'm going to use. Webmin, Pure-FTPD, and OpenVPN are now working fine. Thanks.

I have a host-based firewall called Netfilter (iptables). That's what bugging me.