mediadepot / chef-depot

DEPRECATED: Replaced by mediadepot/ignition
https://github.com/mediadepot/ignition

[IpTables] Haproxy routing is blocked by Iptables when accessing over VPN #33

Open AnalogJ opened 7 years ago

AnalogJ commented 7 years ago

Workaround:

On Ubuntu, iptables is not a service. In order to stop it, you have to do the following:

# save the current rules; the redirect has to run as root too
sudo sh -c 'iptables-save > /root/firewall.rules'
# flush the filter table before deleting its user-defined chains
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

In order to restore your previous rules:

iptables-restore < /root/firewall.rules

http://serverfault.com/a/129338

AnalogJ commented 7 years ago

Deleting the following rules works

root@depot:~# iptables -L --line-numbers

Chain AS0_IN_POST (1 references)
num  target     prot opt source               destination
...
3    DROP       all  --  anywhere             anywhere

Chain AS0_IN_PRE (2 references)
num  target     prot opt source               destination
...
5    DROP       all  --  anywhere             anywhere

iptables -D AS0_IN_POST 3
iptables -D AS0_IN_PRE 5
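A narrower alternative to flushing every table is to locate only the catch-all DROP rules and review them before removal. The script below is an added example, not code from the issue author or the project: it parses `iptables -L --line-numbers` output and prints (never runs) the matching delete commands, highest rule number first within each chain so earlier deletions do not renumber later targets. The sample listing, its subnet, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find catch-all DROP rules in `iptables -L --line-numbers` output.

# Constructed sample listing (not real output from the affected host).
sample_listing() {
cat <<'EOF'
Chain AS0_IN_POST (1 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             10.8.0.0/24
2    AS0_IN     all  --  anywhere             anywhere
3    DROP       all  --  anywhere             anywhere

Chain AS0_IN_PRE (2 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
2    DROP       all  --  anywhere             anywhere
4    DROP       tcp  --  anywhere             anywhere             tcp dpt:23
5    DROP       all  --  anywhere             anywhere
EOF
}

# Reads a listing on stdin and prints "iptables -D <chain> <num>" for every rule
# in a chain whose name starts with $1 that drops all protocols from anywhere to
# anywhere with no further match (exactly six columns).
# Caveat: without -v the listing hides interface matches, so confirm each hit
# with `iptables -S <chain>` before deleting anything.
catchall_drop_deletes() {
    prefix="$1"
    awk -v prefix="$prefix" '
        $1 == "Chain" { chain = $2; next }
        index(chain, prefix) == 1 && $1 ~ /^[0-9]+$/ && NF == 6 &&
        $2 == "DROP" && $3 == "all" && $5 == "anywhere" && $6 == "anywhere" {
            print chain, $1
        }
    ' | LC_ALL=C sort -k1,1 -k2,2nr | while read -r chain num; do
        # Descending order per chain: deleting rule 5 before rule 2 keeps
        # the remaining line numbers valid.
        echo "iptables -D $chain $num"
    done
}

# Print the candidate commands for review; nothing is executed.
sample_listing | catchall_drop_deletes AS0_
```

On a live host, pipe `iptables -L --line-numbers` into `catchall_drop_deletes AS0_` and keep the `iptables-save` backup from the workaround above so the rules can be restored.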