Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I don't know if this is the correct forum for this post but here:
I have a CENTOS 6.5 server which I use as Proxy, FTP, Chat and Samba servers. After running the installation script of Nagios XI, all lost connection to the above services.
After disabling the firewall, I was able to gain access to all services. For now I have left the firewall disabled but I would like to know what changed. When I check firewall settings they all look okay.
At a guess you either:
a) Weren't running iptables before and on turning it on blocked ports you haven't opened in iptables yet.
b) Were running iptables and had updated rules on the fly by inserting with the -I flag but never saved the file to /etc/sysconfig/iptables so on restart the rules it go were default rules in that file as opposed to the ones you had in memory.
So what is in your /etc/sysconfig/iptables file for rules? Do you have any other files saved in /etc/sysconfig made by the iptables-save command that have different rules?
Assuming /etc/sysconfig/iptables has default setup you'd have to edit that file to add the appropriate rules then restart iptables (or start iptables then add rules using iptables -I then use iptables-save to overwrite the file).
One thing to note is that for the "INPUT" chain the final rule is usually:
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
A final possibility: It is important that that rule appear below all other rules in that "INPUT" chain as it essentially says to block anything not matched by earlier rules in the chain. Rules placed after it would never take effect because it applies the rules in the order they appear. If you had added a new rule to allow connection to Nagios or NRPE below that this rule would not have worked and its barely possible you somehow reordered to put the above REJECT rule above all your ACCEPT rules.
Thanks for your quick response! I was able to fix it with your recommendations.
I checked the /etc/sysconfig directory, I did not see a 'iptables' file; however, I saw an iptables.old file that contained all the rules I configured in the past. I '#cp iptables.old iptables', re-enabled the firewall and now it is working fine. I also rebooted the server to ensure it would work and it does.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Nagios XI on CentOS 6.5 firewall issues
