SOLVED IPtables won't start with FQDN

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
The point matthew makes is a good one. Once IPtables is started, it doesn't "try again." If it starts before your network is up, then the FQDNs never get resolved because there may be no network connectivity (needed to resolve them) at the time IPtables starts. That was the reason I suggested testing the fix above.
 

bobmats

Member
Joined
Nov 11, 2014
Messages
50
Reaction score
1
Did have no time to test this as I did a fresh centos 6.5 pbxinaflash install.
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
We've pushed out a fix to all CentOS 7 systems running Incredible PBX. Just log out and back in to install it. The iptables-restart code already was in rc.local; however, it turns out the executable bit wasn't set on /etc/rc.d/rc.local so it never got run on startup. :crazy:

Thanks again, bobmats.
 

jeff.h

Guru
Joined
Dec 1, 2010
Messages
502
Reaction score
71
I just spun up a new droplet with 6.7 / Incredible 13 and it is doing the same thing. ./add-ip is fine ./add-fqdn requires iptables-restart after a reboot. I've checked /etc/rc.local and /usr/local/sbin/iptables-restart is already there.

Thoughts?
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
grillovillegas This should get everyone squared away that is having the problem:

Code:
cd /
wget http://incrediblepbx.com/09272015-patch.tar.gz
tar zxvf 09272015-patch.tar.gz
rm -f 09272015-patch.tar.gz
touch /etc/pbx/.update718
# on CentOS platform only execute the following:
yum -y install sox
 

jeff.h

Guru
Joined
Dec 1, 2010
Messages
502
Reaction score
71
Unfortunately that seems to break FaxGetty after a reboot on all 4 droplets that I tried it on.

Screen Shot 2015-09-27 at 4.34.45 PM.png
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
Only if it's broken and you installed Incredible Fax BEFORE the patch above, do the following:
Code:
sed -i '/faxgetty/d' /etc/rc.d/rc.local
echo "/usr/sbin/faxgetty -D ttyIAX0" >> /etc/rc.d/rc.local
echo "/usr/sbin/faxgetty -D ttyIAX1" >> /etc/rc.d/rc.local
echo "/usr/sbin/faxgetty -D ttyIAX2" >> /etc/rc.d/rc.local
echo "/usr/sbin/faxgetty -D ttyIAX3" >> /etc/rc.d/rc.local
sed -i '/exit 0/d' /etc/rc.d/rc.local
echo "exit 0" >> /etc/rc.d/rc.local
reboot
 

OldSpice

New Member
Joined
Sep 11, 2015
Messages
1
Reaction score
0
I am having the same issue after following the steps to install Avant Fax on http://nerdvittles.com/?p=13762 I am new to servers and everything was working fine until installing the fax. I did do the following (and probably shouldn't have) from above. cd / wget http://incrediblepbx.com/09272015-patch.tar.gz tar zxvf 09272015-patch.tar.gz rm -f 09272015-patch.tar.gz touch /etc/pbx/.update718 Any Ideas? Asterisk 11.20.0 Incredible GUI 12.0.30 Ubuntu 14.04.3
 
Joined
Feb 13, 2011
Messages
330
Reaction score
12
grillovillegas This should get everyone squared away that is having the problem:

Code:
cd /
wget http://incrediblepbx.com/09272015-patch.tar.gz
tar zxvf 09272015-patch.tar.gz
rm -f 09272015-patch.tar.gz
touch /etc/pbx/.update718
# on CentOS platform only execute the following:
yum -y install sox

Hi @wardmundy , I just realized that after a restart that IPTABLES is down ..... if I take out the FQDNS everything is fine , but If I added back it turns Down.

Iptables-restart fixes the problem but only until i restart the machine, any ideas ?

Thanks
 
Joined
Feb 13, 2011
Messages
330
Reaction score
12
Run iptables-restart and post any error message.

Loading iptables rules... IPv4... skipping IPv6 (no rules to load)...done.
No IPtables problems found.
IPtables now running.
[ ok ] Restarting authentication failure monitor: fail2ban.
WARNING: Always run Incredible PBX VM behind a secure hardware-based firewall.
 

ddowson

New Member
Joined
Mar 30, 2016
Messages
2
Reaction score
0
Loading iptables rules... IPv4... skipping IPv6 (no rules to load)...done.
No IPtables problems found.
IPtables now running.
[ ok ] Restarting authentication failure monitor: fail2ban.
WARNING: Always run Incredible PBX VM behind a secure hardware-based firewall.

I'm having this exact same problem on Ubuntu 14.04.4 fresh install with Incredible 13-12.2 - IPtables is down, iptables-restart doesn't change it..
Go gentle on me, I'm BRAND new to all of this, so I'm probably a bit of a boob.

Contents of my /etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

/usr/local/sbin/iptables-restart

exit 0
~
~
~
~
~
~
~
"/etc/rc.local" [readonly] 16L, 339C
 

dicko

Still learning but earning
Joined
Oct 30, 2015
Messages
1,607
Reaction score
826
You might want to try line 1 changed to

#!/bin/bash


For debian based systems.
 

wardmundy

Nerd Uno
Joined
Oct 12, 2007
Messages
19,170
Reaction score
5,199
Also try adding some sleep time (sleep 10) above the iptables-restart line to give your server more time to bring up the network. A lot of this has to do with the performance of your hardware platform. The other solution is don't use FQDNs with iptables. Then it won't have to do name resolution through the network to bring up the firewall.
 

Members online

Forum statistics

Threads
25,782
Messages
167,511
Members
19,203
Latest member
frapu
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Top