Facebook
Twitter
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
Resolved Update iptables blocks site and admin-panel
- Thread starter Pleskie
- Start date
Hello Peter Debik
No it's not an extension.
I find the option to update system packages here:
Tools & Settings -> Server Management -> System Updates
I executed a lot of updates from this section, and now there are only 2 updates left:
iptables 1.4.21-16.el7 (unknown) -> Tools for managing Linux kernel packet filtering capabilities
iptables-services 1.4.21-16.el7 (unknown) -> iptables and ip6tables services for iptables
If I choose to update these 2 packages, the system becomes totally unreachable.
The website stops responding (can't connect) and also the Plesk panel stops responding.
It looks as if iptables blocks everything after the update.
What should I do????
No it's not an extension.
I find the option to update system packages here:
Tools & Settings -> Server Management -> System Updates
I executed a lot of updates from this section, and now there are only 2 updates left:
iptables 1.4.21-16.el7 (unknown) -> Tools for managing Linux kernel packet filtering capabilities
iptables-services 1.4.21-16.el7 (unknown) -> iptables and ip6tables services for iptables
If I choose to update these 2 packages, the system becomes totally unreachable.
The website stops responding (can't connect) and also the Plesk panel stops responding.
It looks as if iptables blocks everything after the update.
What should I do????
* BUMP *
Can someone from Plesk admin please explain?
My Plesk panel says there are 2 packages I should update. These 2:
iptables 1.4.21-16.el7 (unknown) Tools for managing Linux kernel packet filtering capabilities
iptables-services 1.4.21-16.el7 (unknown) iptables and ip6tables services for iptables
As soon as I update these packages Plesk panel and my website become unreachable.
The browser says "This page can’t be displayed".
I already tried to update these 2 packages with the firewall and fail2ban disabled, but it makes no difference.
Can someone from Plesk admin please tell me what is going on?
Can someone from Plesk admin please explain?
My Plesk panel says there are 2 packages I should update. These 2:
iptables 1.4.21-16.el7 (unknown) Tools for managing Linux kernel packet filtering capabilities
iptables-services 1.4.21-16.el7 (unknown) iptables and ip6tables services for iptables
As soon as I update these packages Plesk panel and my website become unreachable.
The browser says "This page can’t be displayed".
I already tried to update these 2 packages with the firewall and fail2ban disabled, but it makes no difference.
Can someone from Plesk admin please tell me what is going on?
Linulex
Silver Pleskian
Looking at your version number i think you use centos7 or rhel7
This isn't a plesk issue, it's a rhel 7 / centos 7 issue
centos 7, (and rhel7), uses standard firewalld, and not iptables. If you want to use/go back to iptables you need to follow one of the many tutorials available on the web.
http://stackoverflow.com/questions/24756240/how-can-i-use-iptables-on-centos-7
regards
Jan
Hello Linulex / Jan,
First of all. Thanks for taking the time to answer my question. I appreciate that.
I'm not sure I totally understand you.
Yes, I use Centos 7. That's correct.
"centos 7, (and rhel7), uses standard firewalld, and not iptables. If you want to use/go back to iptables you need to follow one of the many tutorials available on the web."
I am not exactly sure what you mean. I thought that the built-in Plesk firewall (in the Plesk panel) and Fail2Ban use iptables in the background. Am I wrong?
So what should I do now? Should I just ignore these updates?
First of all. Thanks for taking the time to answer my question. I appreciate that.
I'm not sure I totally understand you.
Yes, I use Centos 7. That's correct.
"centos 7, (and rhel7), uses standard firewalld, and not iptables. If you want to use/go back to iptables you need to follow one of the many tutorials available on the web."
I am not exactly sure what you mean. I thought that the built-in Plesk firewall (in the Plesk panel) and Fail2Ban use iptables in the background. Am I wrong?
So what should I do now? Should I just ignore these updates?
Running iptables instead of firewalld cannot be the cause for the issue.
It is correct, that firewalld is the standard for CentOS 7, but it is also correct that on a default setup, CentOS 7 in combination with Plesk does not use firewalld, but is using iptables. You can test whether firewalld is active by asking for the status: # service firewalld status. If it is active, stop it, because iptables will do the work. However, it is probably not even installed on the system.
You can check which version of iptables is installed on your system, e.g.
# rpm -qa | grep iptables
The current version should be iptables-1.4.21-17.el7.x86_64
I do not yet have an idea why an upgrade of iptables causes a full block of the panel and websites, but I assume that for some reason existing rules are being replaced or deleted. It can be that you are not using Epel repository, but some other repository that delivers a ruleset along with the upgrade. I suggest to do this:
1) export existing iptables rules
# iptables-save > iptables-export
2) upgrade iptables through yum
3) import iptables rules from the export file
# iptables-restore < iptables-export
It is correct, that firewalld is the standard for CentOS 7, but it is also correct that on a default setup, CentOS 7 in combination with Plesk does not use firewalld, but is using iptables. You can test whether firewalld is active by asking for the status: # service firewalld status. If it is active, stop it, because iptables will do the work. However, it is probably not even installed on the system.
You can check which version of iptables is installed on your system, e.g.
# rpm -qa | grep iptables
The current version should be iptables-1.4.21-17.el7.x86_64
I do not yet have an idea why an upgrade of iptables causes a full block of the panel and websites, but I assume that for some reason existing rules are being replaced or deleted. It can be that you are not using Epel repository, but some other repository that delivers a ruleset along with the upgrade. I suggest to do this:
1) export existing iptables rules
# iptables-save > iptables-export
2) upgrade iptables through yum
3) import iptables rules from the export file
# iptables-restore < iptables-export
Last edited:
Who's the man? Peter Debik is the man! 
Thanks! Now that is what you call a good explanation for a beginner like me.
You were right. Firewalld was not installed.
I followed your instructions and they worked!! At point 3 I had to remove the "/tmp/" part, but besides that everything seems to be working fine now.
Iptables is now up to date and both my website and Plesk panel are reachable.
Yes ... I'm a happy man now Thanks a lot Peter!!!
Thanks! Now that is what you call a good explanation for a beginner like me.
You were right. Firewalld was not installed.
I followed your instructions and they worked!! At point 3 I had to remove the "/tmp/" part, but besides that everything seems to be working fine now.
Iptables is now up to date and both my website and Plesk panel are reachable.
Yes ... I'm a happy man now
Thanks a lot Peter!!!