Перестала грузиться панель
Re: Перестала грузиться панель
я не включал никаких фаерволов, ничего такого.
вот iptables
[root@hw1 ~]# sudo iptables -L
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- dns.google anywhere tcp dpt:domain
ACCEPT udp -- dns.google anywhere udp dpt:domain
ACCEPT tcp -- dns.google anywhere tcp spt:domain
ACCEPT udp -- dns.google anywhere udp spt:domain
ACCEPT tcp -- dns.google anywhere tcp dpt:domain
ACCEPT udp -- dns.google anywhere udp dpt:domain
ACCEPT tcp -- dns.google anywhere tcp spt:domain
ACCEPT udp -- dns.google anywhere udp spt:domain
LOCALINPUT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
INVALID tcp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
LOGDROPIN icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain-s
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:imap
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:urd
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:submission
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp-data
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain-s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:http
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:https
LOGDROPIN all -- anywhere anywhere
DROP udp -- !192.168.1.0/24 anywhere udp dpt:sunrpc
DROP tcp -- !192.168.1.0/24 anywhere tcp dpt:sunrpc
ACCEPT tcp -- hw1 anywhere tcp dpt:sunrpc
вот iptables
[root@hw1 ~]# sudo iptables -L
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- dns.google anywhere tcp dpt:domain
ACCEPT udp -- dns.google anywhere udp dpt:domain
ACCEPT tcp -- dns.google anywhere tcp spt:domain
ACCEPT udp -- dns.google anywhere udp spt:domain
ACCEPT tcp -- dns.google anywhere tcp dpt:domain
ACCEPT udp -- dns.google anywhere udp dpt:domain
ACCEPT tcp -- dns.google anywhere tcp spt:domain
ACCEPT udp -- dns.google anywhere udp spt:domain
LOCALINPUT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
INVALID tcp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
LOGDROPIN icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain-s
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:imap
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:urd
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:submission
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp-data
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain-s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:http
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:https
LOGDROPIN all -- anywhere anywhere
DROP udp -- !192.168.1.0/24 anywhere udp dpt:sunrpc
DROP tcp -- !192.168.1.0/24 anywhere tcp dpt:sunrpc
ACCEPT tcp -- hw1 anywhere tcp dpt:sunrpc
Re: Перестала грузиться панель
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere dns.google tcp dpt:domain
ACCEPT udp -- anywhere dns.google udp dpt:domain
ACCEPT tcp -- anywhere dns.google tcp spt:domain
ACCEPT udp -- anywhere dns.google udp spt:domain
ACCEPT tcp -- anywhere dns.google tcp dpt:domain
ACCEPT udp -- anywhere dns.google udp dpt:domain
ACCEPT tcp -- anywhere dns.google tcp spt:domain
ACCEPT udp -- anywhere dns.google udp spt:domain
LOCALOUTPUT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp spt:domain
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT all -- anywhere anywhere
INVALID tcp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain-s
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:auth
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:submission
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp-data
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain-s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:auth
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ntp
LOGDROPOUT all -- anywhere anywhere
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- 194-118-115-216.hdsl.highway.telekom.at anywhere
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- anywhere 194-118-115-216.hdsl.highway.telekom.at
Chain DENYIN (1 references)
target prot opt source destination
DROP all -- 24.144.111.164 anywhere
DROP all -- 103.140.73.53 anywhere
DROP all -- 128.199.33.46 anywhere
DROP all -- 103.97.177.91 anywhere
DROP all -- 103.17.48.8 anywhere
DROP all -- 103.77.242.95 anywhere
DROP all -- 103.119.92.117 anywhere
DROP all -- 170.64.222.187 anywhere
DROP all -- 61.72.55.130 anywhere
DROP all -- 189-112-000-011.static.ctbctelecom.com.br anywhere
DROP all -- panel.mydigitalads.in anywhere
DROP all -- 68.0.91.34.bc.googleusercontent.com anywhere
DROP all -- 115.241.83.2 anywhere
DROP all -- laubervilliers-659-1-139-117.w81-250.abo.wanadoo.fr anywhere
DROP all -- 20.92.253.164 anywhere
DROP all -- 107.189.3.186 anywhere
DROP all -- 91.213.99.45 anywhere
DROP all -- 85.130.136.3 anywhere
DROP all -- 152.32.133.149 anywhere
DROP all -- vmi1477430.contaboserver.net anywhere
DROP all -- 60-199-224-2.static.tfn.net.tw anywhere
DROP all -- 122.35.192.61 anywhere
DROP all -- 101.251.197.238 anywhere
DROP all -- 181.115.151.51 anywhere
DROP all -- 221.225.81.105 anywhere
DROP all -- 125.124.0.107 anywhere
DROP all -- 165.227.109.79 anywhere
DROP all -- 103.164.8.158 anywhere
DROP all -- 157.245.100.228 anywhere
DROP all -- 64.227.149.214 anywhere
DROP all -- 221.156.126.1 anywhere
DROP all -- dynamic-ip-cr20011899170.cable.net.co anywhere
DROP all -- 180.167.153.230 anywhere
DROP all -- 80.94.95.81 anywhere
DROP all -- 178.128.118.46 anywhere
target prot opt source destination
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere dns.google tcp dpt:domain
ACCEPT udp -- anywhere dns.google udp dpt:domain
ACCEPT tcp -- anywhere dns.google tcp spt:domain
ACCEPT udp -- anywhere dns.google udp spt:domain
ACCEPT tcp -- anywhere dns.google tcp dpt:domain
ACCEPT udp -- anywhere dns.google udp dpt:domain
ACCEPT tcp -- anywhere dns.google tcp spt:domain
ACCEPT udp -- anywhere dns.google udp spt:domain
LOCALOUTPUT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp spt:domain
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT all -- anywhere anywhere
INVALID tcp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:domain-s
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:auth
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:submission
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:imaps
ACCEPT tcp -- anywhere anywhere ctstate NEW tcp dpt:pop3s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp-data
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ftp
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:domain-s
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:auth
ACCEPT udp -- anywhere anywhere ctstate NEW udp dpt:ntp
LOGDROPOUT all -- anywhere anywhere
Chain ALLOWIN (1 references)
target prot opt source destination
ACCEPT all -- 194-118-115-216.hdsl.highway.telekom.at anywhere
Chain ALLOWOUT (1 references)
target prot opt source destination
ACCEPT all -- anywhere 194-118-115-216.hdsl.highway.telekom.at
Chain DENYIN (1 references)
target prot opt source destination
DROP all -- 24.144.111.164 anywhere
DROP all -- 103.140.73.53 anywhere
DROP all -- 128.199.33.46 anywhere
DROP all -- 103.97.177.91 anywhere
DROP all -- 103.17.48.8 anywhere
DROP all -- 103.77.242.95 anywhere
DROP all -- 103.119.92.117 anywhere
DROP all -- 170.64.222.187 anywhere
DROP all -- 61.72.55.130 anywhere
DROP all -- 189-112-000-011.static.ctbctelecom.com.br anywhere
DROP all -- panel.mydigitalads.in anywhere
DROP all -- 68.0.91.34.bc.googleusercontent.com anywhere
DROP all -- 115.241.83.2 anywhere
DROP all -- laubervilliers-659-1-139-117.w81-250.abo.wanadoo.fr anywhere
DROP all -- 20.92.253.164 anywhere
DROP all -- 107.189.3.186 anywhere
DROP all -- 91.213.99.45 anywhere
DROP all -- 85.130.136.3 anywhere
DROP all -- 152.32.133.149 anywhere
DROP all -- vmi1477430.contaboserver.net anywhere
DROP all -- 60-199-224-2.static.tfn.net.tw anywhere
DROP all -- 122.35.192.61 anywhere
DROP all -- 101.251.197.238 anywhere
DROP all -- 181.115.151.51 anywhere
DROP all -- 221.225.81.105 anywhere
DROP all -- 125.124.0.107 anywhere
DROP all -- 165.227.109.79 anywhere
DROP all -- 103.164.8.158 anywhere
DROP all -- 157.245.100.228 anywhere
DROP all -- 64.227.149.214 anywhere
DROP all -- 221.156.126.1 anywhere
DROP all -- dynamic-ip-cr20011899170.cable.net.co anywhere
DROP all -- 180.167.153.230 anywhere
DROP all -- 80.94.95.81 anywhere
DROP all -- 178.128.118.46 anywhere
Re: Перестала грузиться панель
Chain DENYOUT (1 references)
target prot opt source destination
LOGDROPOUT all -- anywhere 24.144.111.164
LOGDROPOUT all -- anywhere 103.140.73.53
LOGDROPOUT all -- anywhere 128.199.33.46
LOGDROPOUT all -- anywhere 103.97.177.91
LOGDROPOUT all -- anywhere 103.17.48.8
LOGDROPOUT all -- anywhere 103.77.242.95
LOGDROPOUT all -- anywhere 103.119.92.117
LOGDROPOUT all -- anywhere 170.64.222.187
LOGDROPOUT all -- anywhere 61.72.55.130
LOGDROPOUT all -- anywhere 189-112-000-011.static.ctbctelecom.com.br
LOGDROPOUT all -- anywhere panel.mydigitalads.in
LOGDROPOUT all -- anywhere 68.0.91.34.bc.googleusercontent.com
LOGDROPOUT all -- anywhere 115.241.83.2
LOGDROPOUT all -- anywhere laubervilliers-659-1-139-117.w81-250.abo.wanadoo.fr
LOGDROPOUT all -- anywhere 20.92.253.164
LOGDROPOUT all -- anywhere 107.189.3.186
LOGDROPOUT all -- anywhere 91.213.99.45
LOGDROPOUT all -- anywhere 85.130.136.3
LOGDROPOUT all -- anywhere 152.32.133.149
LOGDROPOUT all -- anywhere vmi1477430.contaboserver.net
LOGDROPOUT all -- anywhere 60-199-224-2.static.tfn.net.tw
LOGDROPOUT all -- anywhere 122.35.192.61
LOGDROPOUT all -- anywhere 101.251.197.238
LOGDROPOUT all -- anywhere 181.115.151.51
LOGDROPOUT all -- anywhere 221.225.81.105
LOGDROPOUT all -- anywhere 125.124.0.107
LOGDROPOUT all -- anywhere 165.227.109.79
LOGDROPOUT all -- anywhere 103.164.8.158
LOGDROPOUT all -- anywhere 157.245.100.228
LOGDROPOUT all -- anywhere 64.227.149.214
LOGDROPOUT all -- anywhere 221.156.126.1
LOGDROPOUT all -- anywhere dynamic-ip-cr20011899170.cable.net.co
LOGDROPOUT all -- anywhere 180.167.153.230
LOGDROPOUT all -- anywhere 80.94.95.81
LOGDROPOUT all -- anywhere 178.128.118.46
target prot opt source destination
LOGDROPOUT all -- anywhere 24.144.111.164
LOGDROPOUT all -- anywhere 103.140.73.53
LOGDROPOUT all -- anywhere 128.199.33.46
LOGDROPOUT all -- anywhere 103.97.177.91
LOGDROPOUT all -- anywhere 103.17.48.8
LOGDROPOUT all -- anywhere 103.77.242.95
LOGDROPOUT all -- anywhere 103.119.92.117
LOGDROPOUT all -- anywhere 170.64.222.187
LOGDROPOUT all -- anywhere 61.72.55.130
LOGDROPOUT all -- anywhere 189-112-000-011.static.ctbctelecom.com.br
LOGDROPOUT all -- anywhere panel.mydigitalads.in
LOGDROPOUT all -- anywhere 68.0.91.34.bc.googleusercontent.com
LOGDROPOUT all -- anywhere 115.241.83.2
LOGDROPOUT all -- anywhere laubervilliers-659-1-139-117.w81-250.abo.wanadoo.fr
LOGDROPOUT all -- anywhere 20.92.253.164
LOGDROPOUT all -- anywhere 107.189.3.186
LOGDROPOUT all -- anywhere 91.213.99.45
LOGDROPOUT all -- anywhere 85.130.136.3
LOGDROPOUT all -- anywhere 152.32.133.149
LOGDROPOUT all -- anywhere vmi1477430.contaboserver.net
LOGDROPOUT all -- anywhere 60-199-224-2.static.tfn.net.tw
LOGDROPOUT all -- anywhere 122.35.192.61
LOGDROPOUT all -- anywhere 101.251.197.238
LOGDROPOUT all -- anywhere 181.115.151.51
LOGDROPOUT all -- anywhere 221.225.81.105
LOGDROPOUT all -- anywhere 125.124.0.107
LOGDROPOUT all -- anywhere 165.227.109.79
LOGDROPOUT all -- anywhere 103.164.8.158
LOGDROPOUT all -- anywhere 157.245.100.228
LOGDROPOUT all -- anywhere 64.227.149.214
LOGDROPOUT all -- anywhere 221.156.126.1
LOGDROPOUT all -- anywhere dynamic-ip-cr20011899170.cable.net.co
LOGDROPOUT all -- anywhere 180.167.153.230
LOGDROPOUT all -- anywhere 80.94.95.81
LOGDROPOUT all -- anywhere 178.128.118.46
Re: Перестала грузиться панель
Chain INVALID (2 references)
target prot opt source destination
INVDROP all -- anywhere anywhere ctstate INVALID
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
INVDROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
INVDROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST
INVDROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN
INVDROP tcp -- anywhere anywhere tcp flags:PSH,ACK/PSH
INVDROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG
INVDROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN ctstate NEW
Chain INVDROP (10 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain LOCALINPUT (1 references)
target prot opt source destination
ALLOWIN all -- anywhere anywhere
DENYIN all -- anywhere anywhere
Chain LOCALOUTPUT (1 references)
target prot opt source destination
ALLOWOUT all -- anywhere anywhere
DENYOUT all -- anywhere anywhere
Chain LOGDROPIN (2 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:telnet
DROP udp -- anywhere anywhere udp dpt:telnet
DROP tcp -- anywhere anywhere tcp dpt:bootps
DROP udp -- anywhere anywhere udp dpt:bootps
DROP tcp -- anywhere anywhere tcp dpt:bootpc
DROP udp -- anywhere anywhere udp dpt:bootpc
DROP tcp -- anywhere anywhere tcp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP tcp -- anywhere anywhere tcp dpt:auth
DROP udp -- anywhere anywhere udp dpt:auth
DROP tcp -- anywhere anywhere tcp dpts:epmap:netbios-ssn
DROP udp -- anywhere anywhere udp dpts:epmap:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds
DROP udp -- anywhere anywhere udp dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:isakmp
DROP udp -- anywhere anywhere udp dpt:isakmp
DROP tcp -- anywhere anywhere tcp dpt:login
DROP udp -- anywhere anywhere udp dpt:who
DROP tcp -- anywhere anywhere tcp dpt:efs
DROP udp -- anywhere anywhere udp dpt:router
LOG tcp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn prefix "Firewall: *TCP_IN Blocked* "
LOG udp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn prefix "Firewall: *UDP_IN Blocked* "
LOG icmp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn prefix "Firewall: *ICMP_IN Blocked* "
DROP all -- anywhere anywhere
Chain LOGDROPOUT (36 references)
target prot opt source destination
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 30/min burst 5 LOG level warn uid prefix "Firewall: *TCP_OUT Blocked* "
LOG udp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn uid prefix "Firewall: *UDP_OUT Blocked* "
LOG icmp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn uid prefix "Firewall: *ICMP_OUT Blocked* "
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
target prot opt source destination
INVDROP all -- anywhere anywhere ctstate INVALID
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
INVDROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
INVDROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
INVDROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST
INVDROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN
INVDROP tcp -- anywhere anywhere tcp flags:PSH,ACK/PSH
INVDROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG
INVDROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN ctstate NEW
Chain INVDROP (10 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain LOCALINPUT (1 references)
target prot opt source destination
ALLOWIN all -- anywhere anywhere
DENYIN all -- anywhere anywhere
Chain LOCALOUTPUT (1 references)
target prot opt source destination
ALLOWOUT all -- anywhere anywhere
DENYOUT all -- anywhere anywhere
Chain LOGDROPIN (2 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:telnet
DROP udp -- anywhere anywhere udp dpt:telnet
DROP tcp -- anywhere anywhere tcp dpt:bootps
DROP udp -- anywhere anywhere udp dpt:bootps
DROP tcp -- anywhere anywhere tcp dpt:bootpc
DROP udp -- anywhere anywhere udp dpt:bootpc
DROP tcp -- anywhere anywhere tcp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP tcp -- anywhere anywhere tcp dpt:auth
DROP udp -- anywhere anywhere udp dpt:auth
DROP tcp -- anywhere anywhere tcp dpts:epmap:netbios-ssn
DROP udp -- anywhere anywhere udp dpts:epmap:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds
DROP udp -- anywhere anywhere udp dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:isakmp
DROP udp -- anywhere anywhere udp dpt:isakmp
DROP tcp -- anywhere anywhere tcp dpt:login
DROP udp -- anywhere anywhere udp dpt:who
DROP tcp -- anywhere anywhere tcp dpt:efs
DROP udp -- anywhere anywhere udp dpt:router
LOG tcp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn prefix "Firewall: *TCP_IN Blocked* "
LOG udp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn prefix "Firewall: *UDP_IN Blocked* "
LOG icmp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn prefix "Firewall: *ICMP_IN Blocked* "
DROP all -- anywhere anywhere
Chain LOGDROPOUT (36 references)
target prot opt source destination
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 30/min burst 5 LOG level warn uid prefix "Firewall: *TCP_OUT Blocked* "
LOG udp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn uid prefix "Firewall: *UDP_OUT Blocked* "
LOG icmp -- anywhere anywhere limit: avg 30/min burst 5 LOG level warn uid prefix "Firewall: *ICMP_OUT Blocked* "
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Re: Перестала грузиться панель
Попробуйте остановить iptables, и зайти в панель.
systemctl stop iptables
Покажите вывод ls -al /etc/yum.repos.d/
systemctl stop iptables
Покажите вывод ls -al /etc/yum.repos.d/
Re: Перестала грузиться панель
Да, вы знаете, стоп помог. Панель открылась.
[root@hw1 ~]# systemctl stop iptables
[root@hw1 ~]#
[root@hw1 ~]# ls -al /etc/yum.repos.d/
total 68
drwxr-xr-x. 2 root root 4096 Oct 4 19:40 .
drwxr-xr-x. 123 root root 12288 Oct 14 12:05 ..
-rw-r--r-- 1 root root 232 Jan 2 2023 alma-brainy.repo
-rw-r--r-- 1 root root 1023 Oct 5 01:10 almalinux-appstream.repo
-rw-r--r-- 1 root root 987 Oct 5 01:10 almalinux-baseos.repo
-rw-r--r-- 1 root root 951 May 2 02:21 almalinux-crb.repo
-rw-r--r-- 1 root root 987 May 2 02:21 almalinux-extras.repo
-rw-r--r-- 1 root root 1107 May 2 02:21 almalinux-highavailability.repo
-rw-r--r-- 1 root root 951 May 2 02:21 almalinux-nfv.repo
-rw-r--r-- 1 root root 963 May 2 02:21 almalinux-plus.repo
-rw-r--r-- 1 root root 1107 May 2 02:21 almalinux-resilientstorage.repo
-rw-r--r-- 1 root root 939 May 2 02:21 almalinux-rt.repo
-rw-r--r-- 1 root root 951 May 2 02:21 almalinux-sap.repo
-rw-r--r-- 1 root root 999 May 2 02:21 almalinux-saphana.repo
-rw-r--r-- 1 root root 1195 Oct 4 19:40 brainy.repo
Куда копать? Я правила никакие не добавлял. Может модуль какой то сбоит типо фаервола?
[root@hw1 ~]# systemctl stop iptables
[root@hw1 ~]#
[root@hw1 ~]# ls -al /etc/yum.repos.d/
total 68
drwxr-xr-x. 2 root root 4096 Oct 4 19:40 .
drwxr-xr-x. 123 root root 12288 Oct 14 12:05 ..
-rw-r--r-- 1 root root 232 Jan 2 2023 alma-brainy.repo
-rw-r--r-- 1 root root 1023 Oct 5 01:10 almalinux-appstream.repo
-rw-r--r-- 1 root root 987 Oct 5 01:10 almalinux-baseos.repo
-rw-r--r-- 1 root root 951 May 2 02:21 almalinux-crb.repo
-rw-r--r-- 1 root root 987 May 2 02:21 almalinux-extras.repo
-rw-r--r-- 1 root root 1107 May 2 02:21 almalinux-highavailability.repo
-rw-r--r-- 1 root root 951 May 2 02:21 almalinux-nfv.repo
-rw-r--r-- 1 root root 963 May 2 02:21 almalinux-plus.repo
-rw-r--r-- 1 root root 1107 May 2 02:21 almalinux-resilientstorage.repo
-rw-r--r-- 1 root root 939 May 2 02:21 almalinux-rt.repo
-rw-r--r-- 1 root root 951 May 2 02:21 almalinux-sap.repo
-rw-r--r-- 1 root root 999 May 2 02:21 almalinux-saphana.repo
-rw-r--r-- 1 root root 1195 Oct 4 19:40 brainy.repo
Куда копать? Я правила никакие не добавлял. Может модуль какой то сбоит типо фаервола?
Re: Перестала грузиться панель
В терминале вы можете добавить, csf -a ваш ip
Видно вас заблокировал фаервол.
Видно вас заблокировал фаервол.