Host Access Control, rules dont load - nftables removed, iptables installed

kszadkowski

• February 01, 2022 07:51

I am in the process of preparing a new cPanel server onn Alma Linux 8.5. I ran into a little problem while setting up the firewall. Since I decided to use CSF (I've always used it), I removed nftables and installed iptables. CSF works fine, but unfortunately the rules in Host Access Control are not loading. Am I able to make HAC work with iptables?

• 

  cPRex Jurassic Moderator

  • February 01, 2022 15:42

  Hey there! Do you see anything in /usr/local/cpanel/logs/error_log when that doesn't load? Does it load normally when you switch back to nftables?

  0
• 

  kszadkowski

  • February 01, 2022 17:20

  There is nothing about HAC in error log. Yes, it works. #yum remove iptables #yum install nftables > restart As you can see in the screenshot. Rules load in milliseconds (cleared rules, so it's empty). Obviously the CSF has stopped working. There is one more possibility. With iptables installed but without nftables removing, both HAC and CSF work. The question is, is it possible and will there be any conflicts between nftables and iptables?

  0
• 

  cPRex Jurassic Moderator

  • February 02, 2022 17:02

  Thanks for the additional details. According to our guide here: servers that run CentOS 7, CloudLinux 7, or RHEL 7, we recommend that you use the firewalld utility. For more information, read Red Hat"s Technical Support for an authoritative answer regarding that tool.

  0

Please sign in to leave a comment.