Control Web Panel
WebPanel => CentOS-WebPanel GUI => Topic started by: yeknafar on July 26, 2018, 07:18:15 PM
-
Hello
I wanted to config IPtable.
I set the rule in /etc/sysctl.conf
I added this rule too iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
As was said in :
https://javapipe.com/ddos/blog/iptables-ddos-protection/
I did this too:
iptables -P INPUT DROP
iptables -P FORWARD DROP
but now when I want to login to CWP it takes a about 3 minutes to let me in/
I think the problem is with the rule:
I want to detelet it but it says :
Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
I think it doesnot stop.
When I use #service iptables stop
The output is:
Redirecting to /bin/systemctl stop iptables.service
Does it means Iptables has stoped?
After that I can not enter the CWP quicker.
I think Iptables was not installed. I used yum and installed it. maybe it caused the problem..
How can I solve it
Thanks
-
you should use CSF to manage your firewall rules
this command will show you most of the active rules
iptables -L
anyway, you shouldn't configure anything on the firewall if you don't know what you need to block as this can cause additional issues and server can be even slower during the ddos/dos attack.