V-update-firewall fail in ubuntu 20.04

Hi, /sbin/chkconfig don’t exist in ubuntu:

#v-update-firewall
/usr/local/hestia/bin/v-update-firewall: line 183: /sbin/chkconfig: No such file or directory

any solution for this?
Thanks

Just remove that file.

chconfig has been removed before Ubuntu 13

sorry, what file do I have to delete exactly?

Remove:

1 Like

Ah ok :slight_smile:
Regards!

Thanks Eris, I have a very strange error and that’s why I was looking at these commands regarding the fw. On a couple of newly booted machines I can’t ssh in, once I stop iptables in hestiacp I can ssh in, exit ssh again, turn on iptables and now I can ssh in. I don’t understand anything, it’s as if some rule is wrong and it only activates correctly when I stop and start iptables. What could it be?

Is the correct port open in the firewall settings?

I think I know what’s going on, these machines were mounted with the default ssh port of 22, and then had the port changed to another number after hestiacp was installed (example port 44044) As I see it in “/etc/iptables.rules” there is a part that refers to port 22 and another part that refers to the new port 44044, I imagine that is the problem.

It also strikes me that the date of that file is very old (probably from the day of the installation of hestia) and it is supposed that the changes of the iptables rules should be saving, right?

In any case, maybe “iptables-save > /etc/iptables.rules” could solve the problem? more data, my hestiacp version is v1.5.8

Thank you very much

Edit the rules in the firewall settings page.

After that is done it should work fine.

/usr/local/hestia/data/firewall/rules.conf is so old due to the fact it is copied over from:

And it was create on that date and only minor changes have been made

Hi,

“After that is done it should work fine.”

no, if I restart the machine the same thing happens again, apart from that I commented on the /etc/iptables.rules file, not on /usr/local/hestia/data/firewall/rules.conf.

So you think that running an "iptables-save > /etc/iptables.rules” would not solve the problem definitively?

No as it will overwrite if changes are made to the firewall for what ever reason.

/usr/local/hestia/data/firewall/rules.conf and then run v-stop-firewall and then v-update-firewall

It fails the same, I explain:

  • i’m on a different machine, where i have the same problem, i.e. i reboot the machine and i can’t ssh in, so i stop iptables
  • I enter with ssh (now I can) and when executing v-stop-firewall and then v-update-firewall I have the same error due to chkconfig, in both files I have deleted those 3 lines, I execute these commands without problems.
  • reboot, same problem can’t ssh in, only option is to stop iptables

We haven’t released a new version yet that solves the issue on all the servers. The chkconfig is old code that should be removed. I have submitted a PR for it and it has been merged. We are currently working on the last few bugs to release a new version soon.

Updating the filewall rule in the panel should update the ip tables config and after v-update-firewall is run also update the iptables config.

First of all, thank you very much for your support, you are very kind! well, nothing happens, I’ll have to be aware and that’s it, if I found the problem I’d tell you.

In any case, with this file (/usr/local/hestia/data/firewall/rules.conf) I shouldn’t do anything, right? I only see that it is fine and the only thing that I see differently is that my comments are in lowercase, nothing more (and the ssh port -it’s diferent- and a new rule for zabbix -10050-).

Thanks!