Knowledge Base

Some rules are removed from iptables firewall permanently

 
firewallplesk for linuxserversshtechnical questions

Symptoms

  • Some particular rules are removed from iptables firewall on daily basis while others are left intact;
  • Advanced Policy Firewall (APF) is installed on the system and is active:

    # /usr/local/sbin/apf -st
    APF Status Log:
    Feb 04 13:41:41 server apf(9616): {glob} fast load snapshot saved
    Feb 04 13:41:41 server apf(9616): {glob} firewall initalized
    Feb 04 13:41:41 server apf(9724): {glob} default (ingress) input drop
    Feb 04 13:41:41 server apf(9724): {glob} default (egress) output accept
    Feb 04 13:41:41 server apf(9724): {glob} loading postroute.rules

Cause

Advanced Policy Firewall overrides iptables ruleset.

Resolution

Advanced Policy Firewall has a higher priority and allowed to override iptables ruleset.

1. Connect to the server via SSH ;

2. Add required rules to APF configuration file /etc/apf/conf.apf in accordance to its documentation
If APF is not needed – stop it and remove all rules:

# /usr/local/sbin/apf -f
# mv /etc/cron.daily/apf /root/apf

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2022 Plesk International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of Plesk International GmbH.

Managed with 💙  with Plesk WP Toolkit
Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt