This is with CentOS 6. On one of my servers, periodically all IPTables rules are simply dropped and all connections start being blocked. It happens fairly randomly once every few days. I have a script with specific rules in it that I have to rerun to set them back to where I need them.
IPTables.sh looks something like this:
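#!/bin/bash
# Flush every existing rule in the filter table
iptables -F
# Drop malformed TCP: null packets, new connections that do not start with SYN, XMAS packets
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
# Allow loopback, HTTP, HTTPS, and SSH from one address only
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp -s xx.xx.xx.xxx -m tcp --dport 22 -j ACCEPT
# -I inserts at the top of the chain: replies to established connections match first
iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Default policies: allow outbound, drop any inbound traffic not matched above
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP
# Persist the rules to /etc/sysconfig/iptables and reload the service
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables save
service iptables restart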
Everything works fine after I run the above script. Any idea what could cause the rules to be reset and have iptables start blocking all incoming connections, where I have to log in directly to the hardware to reset them?
EDIT: Finally, after a year of not being able to figure out the problem, I received a cron notification. Now how do I stop this from resetting my rules?
Upgrading csf from v7.59 to 7.60...
Retrieving new csf package...
...5%
...10%
...65%
...70%
...75%
...100%
Unpacking new csf package...
Selecting installer...
Running csf generic installer
Installing generic csf and lfd
Check we're running as root
Checking Perl modules...mode of `os.pl' changed to 0700 (rwx------)
Using configuration defaults
ok
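An added example, not part of the original post: a drift check that compares an `iptables-save` dump against a known-good baseline, so a silent replacement of the ruleset (such as the one the csf upgrade notification above points to) is reported when it happens. The function names and both sample dumps are constructed for illustration; the baseline is a subset of the script's rules.

```shell
# Strip what changes without a rule change: comment/timestamp lines and the
# [packets:bytes] counters on chain headers and (with -c) on rule lines.
normalize_rules() {
    sed -e '/^#/d' -e 's/^\[[0-9]*:[0-9]*\] //' -e 's/ \[[0-9]*:[0-9]*\]$//'
}

# missing_rules BASELINE CURRENT: print baseline lines absent from CURRENT.
# Exit status 0 means something is missing, 1 means nothing is missing.
missing_rules() {
    cur=$(mktemp) || return 2
    normalize_rules < "$2" > "$cur"
    normalize_rules < "$1" | grep -Fxv -f "$cur"
    rc=$?
    rm -f "$cur"
    return $rc
}

# Constructed sample: part of the script's ruleset as iptables-save dumps it.
sample_baseline() {
cat <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: same host later, counters moved, ACCEPT rules gone.
sample_after_reset() {
cat <<'EOF'
# Generated by iptables-save (constructed sample, later)
*filter
:INPUT DROP [57:3420]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [912:88310]
COMMIT
EOF
}

# Demo on the samples; on a real host both files come from `iptables-save`.
b=$(mktemp); a=$(mktemp)
sample_baseline > "$b"; sample_after_reset > "$a"
missing_rules "$b" "$a" | sed 's/^/MISSING: /'
rm -f "$b" "$a"
```

Run from cron against a baseline saved right after the rules script, the output can be piped to `logger` so the time of the reset lines up with whatever else ran at that moment.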