Author Topic: Another app is currently holding the xtables lock  (Read 12011 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Another app is currently holding the xtables lock
« on: July 26, 2018, 07:18:15 PM »

Hello

I wanted to config IPtable.
I set the rule in /etc/sysctl.conf
I added this rule too iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP


As was said in :
https://javapipe.com/ddos/blog/iptables-ddos-protection/


I did this too:


iptables -P INPUT DROP
iptables -P FORWARD DROP

but now when I want to login to CWP it takes a about 3 minutes to let me in/
I think the problem is with the rule:
I want to detelet it but it says :

Another app is currently holding the xtables lock. Perhaps you want to use the -w option?

I think it doesnot stop.
When I use #service iptables stop
The output is:
Redirecting to /bin/systemctl stop iptables.service

Does it means Iptables has stoped?
After that I can not enter the CWP quicker.
I think Iptables was not installed. I used yum and installed it. maybe it caused the problem..


How can I solve it

Thanks
I love CWP

Offline
*
Re: Another app is currently holding the xtables lock
« Reply #1 on: July 27, 2018, 11:46:15 AM »
you should use CSF to manage your firewall rules

this command will show you most of the active rules
iptables -L 

anyway, you shouldn't configure anything on the firewall if you don't know what you need to block as this can cause additional issues and server can be even slower during the ddos/dos attack.
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.