Hi there, I’m running murmur/mumble on my server (a VoIP application) which is running CentOS 6.5. I’m having some trouble in which the port clients connect on (64738) will randomly become unavailable. When I run my iptables/firewall script (see below) the port will be available and users can connect fine, however after a couple of minutes the port will close (connected users will remain connected, however new users won’t be able to connect).
The server is still listening on that port when this is happening: tcp 0 0 :::64738 :::* LISTEN
Below is the script I am using to set my iptables (also running fail2ban):
#!/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
if [ "$IFACE" = "eth0" ]; then
    # Stop Fail2Ban Service
    echo Stopping Fail2Ban
    service fail2ban stop
    # Mangle and Set IPTABLES
    iptables -F
    iptables -X
    #echo Allowing ssh to 178.62.168.117 from AT and Home ONLY
    #iptables -A INPUT -p tcp -s 80.229.44.217 --dport 22 -j ACCEPT
    #iptables -A INPUT -p tcp -s 193.243.130.17 --dport 22 -j ACCEPT
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    echo Allowing Custom Ports
    iptables -A INPUT -p udp --dport 64738 -j ACCEPT
    iptables -A INPUT -p tcp --dport 64738 -j ACCEPT
    echo Allowing http and https
    iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    echo Allowing icmp
    iptables -A INPUT -p icmp -j ACCEPT
    echo Allowing local
    iptables -A INPUT -s 127.0.0.1 -j ACCEPT
    iptables -A INPUT -s 127.0.1.1 -j ACCEPT
    echo Allowing connections already made
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    echo Reject all other traffic
    iptables -A INPUT -j REJECT
    iptables -A FORWARD -j REJECT
    # Save the standard reset-rules just in case we lose the script, or something goes wrong.
    iptables-save -c > /etc/iptables.rules
    # Restart Fail2Ban
    echo Restarting Fail2Ban
    service fail2ban start
else
    if [ "$IFACE" = "" ]; then
        echo "No IFACE Specified!"
        exit 0
    else
        echo "$IFACE can't bring up firewall status!"
        exit 0
    fi
fi
Can anyone immediately see what may be the cause of this issue? If you need any further information, please just let me know.
Thanks
This question was answered by @Evesy:
Hi, I solved this the other day. It turned out another application that I used a script to install came bundled with CSF, which wasn’t allowing that port. I have since removed the second firewall.
Thanks, Mike
I’m suspecting it’s fail2ban throttling the connections. Try disabling it – does that fix it?
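The accepted answer traced the problem to a second firewall manager, and the other reply suspects fail2ban. As an added example (not code from the original thread), this sketch reads `iptables-save` output, lists chains created by other tools, and reports the first rule that decides a new TCP connection to a port. The sample ruleset is constructed and the chain name `OTHERFW_IN` is hypothetical.

```shell
#!/bin/sh
# Constructed sample, not from the original post: the question's rules after a
# second firewall manager (hypothetical chain OTHERFW_IN) hooked INPUT first.
SAMPLE='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:OTHERFW_IN - [0:0]
:fail2ban-SSH - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A INPUT -j OTHERFW_IN
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 64738 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 64738 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A OTHERFW_IN -p tcp -m tcp --dport 64738 -j DROP
-A fail2ban-SSH -j RETURN
COMMIT'

# User-defined chains are declared with "-" in place of a policy; any that the
# firewall script did not create belong to some other tool.
user_chains() {
    awk '/^:/ && $2 == "-" { print substr($1, 2) }'
}

# Print the first filter-table rule that decides a NEW tcp connection to port $1,
# walking INPUT in order and following jumps into user-defined chains.
# Simplification: rules restricted by source address (-s) are skipped.
first_verdict_for_tcp_port() {
    awk -v port="$1" '
    function applies(r) {
        if (r ~ / -s /) return 0
        if (r ~ / -p / && r !~ / -p tcp /) return 0
        if (r ~ / --dport / && r !~ (" --dport " port " ")) return 0
        if (r ~ / --state / && r !~ /NEW/) return 0
        return 1
    }
    function walk(chain,    i, r, t) {
        for (i = 1; i <= n[chain]; i++) {
            r = rule[chain, i]
            if (!applies(r)) continue
            t = r; sub(/.* -j /, "", t); sub(/ .*/, "", t)
            if (t == "RETURN") return 0
            if (t == "ACCEPT" || t == "DROP" || t == "REJECT") { print t ": " r; return 1 }
            if ((t in n) && walk(t)) return 1
        }
        return 0
    }
    /^\*/ { table = $1 }
    /^-A / && table == "*filter" { n[$2]++; rule[$2, n[$2]] = $0 }
    END { if (!walk("INPUT")) print "no rule matched; chain policy applies" }'
}
# Live use (as root): iptables-save | first_verdict_for_tcp_port 64738
```

If the reported rule sits in a chain the script never created, another tool is managing the ruleset alongside it.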