It would seem there’s some kind of invalid configuration on line 2 of /etc/sysconfig/iptables
You’d have to post at least the first few lines of said file to learn more about what’s actually causing it.
16 thoughts on - IP Table Restore
If I recall correctly, you are using CentOS 7? With 7, you really should be using firewalld rather than manually writing iptables rules. see the firewall section of the RHEL 7 networking manual I previously linked, twice.
Nov 25 17:20:14 ns1.currencybooking.com systemd[1]: Starting firewalld –
dynamic firewall daemon… Nov 25 17:20:14 ns1.currencybooking.com systemd[1]: Started firewalld –
dynamic firewall daemon. Nov 25 17:20:14 ns1.currencybooking.com firewalld[2865]: 2015-11-25
17:20:14 ERROR: ebtables not usable, disabling ethernet bridge firewall. Nov 25 17:20:14 ns1.currencybooking.com firewalld[2865]: 2015-11-25
17:20:14 FATAL ERROR: No IPv4 and IPv6 firewall. Nov 25 17:20:14 ns1.currencybooking.com firewalld[2865]: 2015-11-25
17:20:14 ERROR: Raising SystemExit in run_server
Shiva Prasad Nath
92981134
Well, usually pricing is ~about 100-250 dollars/hour, depending on how complex case and contractor.
Are you sure that you’re running CentOS 7 and not some kind of VPS
(using a shared kernel, and on which you can’t modify iptables rules) ?
What about “modinfo ip_tables ; uname -a ” ?
Cheers,
–
modinfo: ERROR: Module alias ip_tables not found. Linux ns1.currencybooking.com 3.10.0-229.20.1.el7.x86_64 #1 SMP Tue Nov 3
19:10:07 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Shiva Prasad Nath
92981134
Which should be under
/lib/modules/3.10.0-229.20.1.el7.x86_64/kernel/net/ipv4/netfilter/ip_tables.ko
… so something else is broken on that node. Back to the initial question : which kind of setup is that :
bare-metal, or a VM, VPS ? how was it installed, etc .. (because that ip_tables kernel module is there *by default*)
The more details you can give, the better, as at first sight that doesn’t seem to be a normal setup
[root@c7test1 ~]# uname -a Linux c7test1.XXXXXX 3.10.0-229.11.1.el7.x86_64 #1 SMP Thu Aug 6
01:06:18 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
(minor version number differences not important, just means I’ve not updated in a few weeks)
202.150.210.74
root andyjohnnycbc@2014
If you wish then you can access it and able to get required info.
Shiva Prasad Nath
92981134
Sorry to step in here folks, but I have moderated this user for now for their own good. Posting credentials to a public mailing list is not going to end well for anyone.
do you realize you just gave out root access to 1000s of people all over the world?
Thanks you. It was too much noise on the list with apparent unwillingness of one to ever attempt to do something on one’s own…
Valeri
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
Jim Perrin wrote:
Thanks, Jim.
If I knew who to email, I’d email his manager, and have this unqualified incompetent fired… *after* they yanked his access and changed the password.
Actually, *what* the password is makes me wonder whether he’s actually legitimately accessing that system as root….
mark
Well, that sounds like indian offsourcing company selling *high* *quality*
Linux maintenance for very low price :)
That is reason why you should never try to offsource Linux maintenance work..
16 thoughts on - IP Table Restore
If I recall correctly, you are using CentOS 7? With 7, you really should be using firewalld rather than manually writing iptables rules. see the firewall section of the RHEL 7 networking manual I previously linked, twice.
otherwise, which part of that error is unclear? check line 2 of
/etc/sysconfig/iptables, it has a syntax error. there may be more information in the system logs, see chapter 20, ‘logging’
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/ch-Viewing_and_Managing_Log_Files.html
Sorry for asking stupid question about Super key. I am not able to understand the key.
press the Super key to enter the Activities Overview, type firewall and then press Enter
Shiva Prasad Nath
92981134
How about learning the basics? Commercial support is also available, if you really need some one to fix your server.
How much I have to pay?
Shiva Prasad Nath
92981134
Now I am following you.
FYI
[root@ns1 network-scripts]# systemctl start firewalld
[root@ns1 network-scripts]# systemctl status firewalld firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: inactive (dead) since Wed 2015-11-25 17:20:14 SGT; 24s ago
Process: 2865 ExecStart=/usr/sbin/firewalld –nofork –nopid
$FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 2865 (code=exited, status=0/SUCCESS)
Nov 25 17:20:14 ns1.currencybooking.com systemd[1]: Starting firewalld –
dynamic firewall daemon… Nov 25 17:20:14 ns1.currencybooking.com systemd[1]: Started firewalld –
dynamic firewall daemon. Nov 25 17:20:14 ns1.currencybooking.com firewalld[2865]: 2015-11-25
17:20:14 ERROR: ebtables not usable, disabling ethernet bridge firewall. Nov 25 17:20:14 ns1.currencybooking.com firewalld[2865]: 2015-11-25
17:20:14 FATAL ERROR: No IPv4 and IPv6 firewall. Nov 25 17:20:14 ns1.currencybooking.com firewalld[2865]: 2015-11-25
17:20:14 ERROR: Raising SystemExit in run_server
Shiva Prasad Nath
92981134
Well, usually pricing is ~about 100-250 dollars/hour, depending on how complex case and contractor.
Are you sure that you’re running CentOS 7 and not some kind of VPS
(using a shared kernel, and on which you can’t modify iptables rules) ?
What about “modinfo ip_tables ; uname -a ” ?
Cheers,
–
modinfo: ERROR: Module alias ip_tables not found. Linux ns1.currencybooking.com 3.10.0-229.20.1.el7.x86_64 #1 SMP Tue Nov 3
19:10:07 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Shiva Prasad Nath
92981134
Which should be under
/lib/modules/3.10.0-229.20.1.el7.x86_64/kernel/net/ipv4/netfilter/ip_tables.ko
… so something else is broken on that node. Back to the initial question : which kind of setup is that :
bare-metal, or a VM, VPS ? how was it installed, etc .. (because that ip_tables kernel module is there *by default*)
The more details you can give, the better, as at first sight that doesn’t seem to be a normal setup
Cheers,
–
you should have gotten something like….
[root@c7test1 ~]# modinfo ip_tables filename:
/lib/modules/3.10.0-229.11.1.el7.x86_64/kernel/net/ipv4/netfilter/ip_tables.ko description: IPv4 packet filter author: Netfilter Core Team
license: GPL
rhelversion: 7.1
srcversion: 44A16130862F8CA2ECA59D9
depends:
intree: Y
vermagic: 3.10.0-229.11.1.el7.x86_64 SMP mod_unload modversions signer: CentOS Linux kernel signing key sig_key: 99:7D:A0:E2:1A:70:E7:B6:13:42:3A:B6:22:65:07:4A:78:60:35:4C
sig_hashalgo: sha256
[root@c7test1 ~]# uname -a Linux c7test1.XXXXXX 3.10.0-229.11.1.el7.x86_64 #1 SMP Thu Aug 6
01:06:18 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
(minor version number differences not important, just means I’ve not updated in a few weeks)
202.150.210.74
root andyjohnnycbc@2014
If you wish then you can access it and able to get required info.
Shiva Prasad Nath
92981134
Sorry to step in here folks, but I have moderated this user for now for their own good. Posting credentials to a public mailing list is not going to end well for anyone.
do you realize you just gave out root access to 1000s of people all over the world?
Thanks you. It was too much noise on the list with apparent unwillingness of one to ever attempt to do something on one’s own…
Valeri
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
Jim Perrin wrote:
Thanks, Jim.
If I knew who to email, I’d email his manager, and have this unqualified incompetent fired… *after* they yanked his access and changed the password.
Actually, *what* the password is makes me wonder whether he’s actually legitimately accessing that system as root….
mark
Well, that sounds like indian offsourcing company selling *high* *quality*
Linux maintenance for very low price :)
That is reason why you should never try to offsource Linux maintenance work..