Question

Port randomly closing -- Not allowing new connections

  • Posted November 15, 2014

Hi there, I’m running murmur/mumble on my server (a VoIP application) which is running CentOS 6.5. I’m having some trouble in which the port clients connect on (64738) will randomly become unavailable. When I run my iptables/firewall script (see below) the port will be available and users can connect fine; however, after a couple of minutes the port will close (connected users will remain connected, but new users won’t be able to connect).

The server is still listening on that port when this is happening: tcp 0 0 :::64738 :::* LISTEN

Below is the script I am using to set my iptables (also running fail2ban):

#!/bin/sh

PATH=/sbin:/bin:/usr/sbin:/usr/bin

if [ "$IFACE" = "eth0" ]; then
	#Stop Fail2Ban Service
	echo Stopping Fail2Ban
	service fail2ban stop

	# Mangle and Set IPTABLES
	iptables -F
	iptables -X
	#echo Allowing ssh to 178.62.168.117 from AT and Home ONLY
	#iptables -A INPUT -p tcp -s 80.229.44.217 --dport 22 -j ACCEPT
	#iptables -A INPUT -p tcp -s 193.243.130.17 --dport 22 -j ACCEPT
	iptables -A INPUT -p tcp --dport 22 -j ACCEPT

	echo Allowing Custom Ports
	iptables -A INPUT -p udp --dport 64738 -j ACCEPT
	iptables -A INPUT -p tcp --dport 64738 -j ACCEPT

	echo Allowing http and https
	iptables -A INPUT -p tcp --dport 80 -j ACCEPT
	echo Allowing icmp
	iptables -A INPUT -p icmp -j ACCEPT
	echo Allowing local
	iptables -A INPUT -s 127.0.0.1 -j ACCEPT
	iptables -A INPUT -s 127.0.1.1 -j ACCEPT
	echo Allowing connections already made
	iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
	iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
	iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
	echo Reject all other traffic
	iptables -A INPUT -j REJECT
	iptables -A FORWARD -j REJECT

	# Save the standard reset rules just in case we lose the script, or something goes wrong.
	iptables-save -c > /etc/iptables.rules

	#Restart Fail2Ban
	echo Restarting Fail2Ban
	service fail2ban start
else
	if [ "$IFACE" = "" ]; then
		echo "No IFACE Specified!"
		exit 0
	else
		echo "$IFACE can't bring up firewall status!"
		exit 0
	fi
fi

Can anyone immediately see what may be the cause of this issue? If you need any further information, please just let me know.

Thanks


Hi, I solved this the other day. It turned out another application that I used a script to install came bundled with CSF, which wasn’t allowing that port. I have since removed the second firewall.

Thanks, Mike
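
Added example, not part of the thread or of any poster's script: a second firewall manager replacing the loaded rules shows up as drift between the dump the script saved to /etc/iptables.rules and the live ruleset, so the function below diffs two iptables-save dumps in both directions, ignoring counters and fail2ban's own chains. The names rule_drift and demo, the OTHERFW chain and the sample dumps are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): two-way diff of iptables-save dumps.
# On the server:  iptables-save > /tmp/live.rules
#                 rule_drift /etc/iptables.rules /tmp/live.rules
# "-" = rule from SAVED that is gone, "+" = rule SAVED never had. Chains and
# jump targets starting with PREFIX (default fail2ban) are expected and skipped.
rule_drift() {   # usage: rule_drift SAVED LIVE [PREFIX]
    awk -v saved="$1" -v skip="${3:-fail2ban}" '
        function norm(s) {
            sub(/^\[[0-9]+:[0-9]+\] /, "", s)   # per-rule counters ("-c")
            sub(/ \[[0-9]+:[0-9]+\]$/, "", s)   # chain policy counters
            return s
        }
        function expected(s,   f, n, i, chain, target) {
            n = split(s, f, " ")
            chain = (f[1] == "-A") ? f[2] : substr(f[1], 2)
            for (i = 3; i < n; i++) if (f[i] == "-j") target = f[i + 1]
            return index(chain, skip) == 1 || index(target, skip) == 1
        }
        BEGIN {   # load SAVED, keyed by table so equal rules in two tables differ
            while ((getline l < saved) > 0) {
                l = norm(l)
                if (l ~ /^\*/) t = l
                else if (l ~ /^[:-]/) want[t " " l] = l
            }
            t = ""
        }
        { $0 = norm($0) }
        /^\*/ { t = $0; next }
        /^[:-]/ {
            if ((t " " $0) in want) delete want[t " " $0]
            else if (!expected($0)) print "+ " t " " $0
        }
        END { for (k in want) if (!expected(want[k])) print "- " k }
    ' "$2" | LC_ALL=C sort
}

# Constructed sample dumps; OTHERFW is a made-up chain for a second firewall.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '[5:300] -A INPUT -p tcp -m tcp --dport 64738 -j ACCEPT' \
        '[0:0] -A INPUT -j REJECT --reject-with icmp-port-unreachable' \
        COMMIT > "$d/saved"
    printf '%s\n' '*filter' ':INPUT DROP [9:540]' ':fail2ban-SSH - [0:0]' \
        ':OTHERFW - [0:0]' '-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH' \
        '-A fail2ban-SSH -j RETURN' '-A INPUT -j OTHERFW' COMMIT > "$d/live"
    rule_drift "$d/saved" "$d/live"
    rm -rf "$d"
}
if [ "${1:-}" = demo ]; then demo; fi
```

On the constructed dumps, the missing `--dport 64738` ACCEPT rule is reported with a `-` prefix and the foreign chain with a `+` prefix, while the fail2ban chain is not reported.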

I’m suspecting it’s fail2ban throttling the connections. Try disabling it – does that fix it?

sudo service fail2ban stop


This question was answered by @Evesy.