Iptables, apache and mysql open on start

dirweb · February 13, 2015, 7:41pm

Hi
i install my asterisk with freepbx and all is ok

I have only 2 questions:

if i reboot my sistem or it go down alone, when restart all service (mysql, apache and asterisk are down)
How i can put it automatically up on start?
I follow the guide where write i have to give this commands:
chkconfig --level 345 mysqld on
chkconfig --level 345 httpd on

but not work

iptables are now disabled, (i follow the guide), how i can enable it and enable when sistem start?
Thank you

navaismo · February 13, 2015, 7:45pm

Use first:

then

dirweb · February 13, 2015, 9:10pm

yea! it work now

thank you!!!

dirweb · February 13, 2015, 9:27pm

ops, i make an error
i want to make secure my server and i follow this guide for iptables
centos.org/docs/5/html/5.2/ … ables.html

i launch this comand:
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 10.22.5.0/24 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -s 8.8.8.8/32 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp --dport 5060 -j ACCEPT
iptables -A INPUT -p udp --dport 10000:20000 -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
/sbin/service iptables save

Now i can not connect via ssh and i can not go on freepbx, the phone are working…
What i can do?

navaismo · February 13, 2015, 9:52pm

You need to flush all rules to login agian, but you will need physical access to the server(hope you have) then run service iptables stop.

Check your rules and your IP in order to login.

dirweb · February 13, 2015, 9:56pm

i have not phisical access, is a remote server in a webfarm.
I try to connect via ssh but it not work
i don’t want reinstall all from zero
there is not another way to go inside this server?

navaismo · February 13, 2015, 10:51pm

You need to contact your admin usually they cant login for you and reset your service.

dirweb · February 13, 2015, 10:58pm

ok, now i try to contact they.
After, which command i have to setup for have secure server?

dirweb · February 15, 2015, 2:36pm

ok now i’m on my server.
How i have to configure my iptables for have a secure system?
I use this server only for voip

navaismo · February 15, 2015, 7:22pm

That’s up to you, you need to know your needs in order to create your iptables rules. Take a look on google and in this forum to check basic iptables rules, also try with fail2ban or blockhosts.

dirweb · February 15, 2015, 7:24pm

but i’m scary i make other error and i can not go inside my server like last time.
For this i ask there how i have to do ;(

nypon · February 20, 2015, 9:51am

Fail2ban and BlockHosts is nice tools to add some security to your system!
What you need to do is go to each tool webpage and read all about configure them!
In this case they both have a white-list where you can add your own IP address just so you don’t block your self out!
Read and try to understand the tool!
Search the web about configure the tool you are about to install and see how other have done setting up the same tool!
That way you start to understand more and more on how the tool is working and how to make the config the best way for your need!
If something goes wrong you can always contact your system administrator (as you did last time)!
Just tell them what you have done and need help with!