kernel upgrade - now kiss firewall locking me out?

roly

hi

i upgraded my kernel with yum and i keep getting locked out of my server. i'm running centos 5.2 and my new kernel after a yum upgrade is 2.6.18-92.1.18.el5

the version of kiss i am using says in the notes "This version, renumbered as: Version 2.2a-kernel 2.8.16-and-newer" so am i using the wrong version that i installed with @how@ update.script? and if so does anyone know where i can get the correct version of kiss that's modified for directadmin, if this is what my problem is.

any advice appreciated

roland
 
/usr/local/sbin/kiss stop
wget -q -O /usr/local/sbin/kiss http://www.nobaloney.net/downloads/kiss/kiss.kernel-2.8.16-and-newer
chmod 700 /usr/local/sbin/kiss
/usr/local/sbin/kiss start

thanks, i think that is the same version that i'm already using however. i'll give it a try though. i think i possibly need the version for kernel older than that, my kernel is 2.6.18-92.1.18.el5 however that version doesn't seem to throw any errors when i start kiss.

i've had to get my server provider to get me back in a few times now and i don't want to have to ask again if i can help it. am i correct in thinking that if i make a cronjob like this:

*/15 * * * * /usr/local/sbin/kiss stop

i can safely play around with this and the cron will turn off kiss to let me back in should i lock myself out again?
 
managed to get it working, before it was locking me out after a reboot, still not sure why. anyway just in case anyone is interested. i tried to stop kiss with cron, however i was getting a cron error of "/usr/local/sbin/kiss: line 69: ifconfig: command not found Could not determine MAIN_IP. Firewall script aborted!"

apparently when using cron full paths need to be given, and this would have meant editing the path to ifconfig in the kiss file. so i did some research and ended up executing via cron, a script containing:

/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables --flush
 
Doesn't that turn off your firewall?

After running that script you should try:
Code:
iptables -L
to see if you've got a firewall.

You can certainly create a cronjob to run KISS, and then make those changes to KISS.

Or you can run KISS once to create the rules, then run the iptables command to save the rules to the /etc/sysconfig/iptables file. I forget the command; you should be able to find it by running
Code:
man iptables

Once you've done that you can simply set up
Code:
service iptables start
in your cronjob.

Jeff
 
hi jeff

no i probably didn't explain my problem very well. for some strange reason, (i've installed kiss on other servers without a problem) when i rebooted my server kiss would lock me out for some reason. i could restart it without a problem, it would only lock me out after a reboot, i've no idea why. i've got it working now anyway.

but what i wanted whilst i was testing it, was for a cronjob to turn OFF kiss after 15 minutes in case it did lock me out after a reboot. which is what that script was for.

but anyway all working as it should now, still unsure why it was doing that. thanks for the advice anyway. :)

roland
 
A cronjob to stop kiss at any time would simply use the command:

/path/to/kiss stop

But a cronjob cannot run now + 15.

I think you can do this as part of your startup in rc.local:
Code:
# run /root/kiss-stop 15 minutes after boot (atd must be running)
at -f /root/kiss-stop now + 15 minutes
and put a file in your root directory with this command:
Code:
/path/to/kiss stop
Chmod the file kiss-stop as 700 and chown it root:root.

Note that I've not tried this and I bear no responsibility if things go horribly wrong and your server breaks.

Jeff
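
The fail-safe discussed in this thread, written out as an added example that is not part of the original posts: it generates the /root/kiss-stop script with an explicit PATH (the cause of the cron "ifconfig: command not found" error) and schedules it once with at. The sbin directory list and the `arm` argument are assumptions; the kiss path is the one used earlier in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): lockout fail-safe for testing KISS.
# Assumed paths: /usr/local/sbin/kiss (from the thread), /root/kiss-stop.

# cron and at jobs usually get PATH=/usr/bin:/bin, which is why KISS could not
# find ifconfig. The generated script sets a PATH that includes the sbin dirs.
SBIN_PATH="/sbin:/usr/sbin:/usr/local/sbin:/bin:/usr/bin"

# write_failsafe FILE KISS_PATH: create the root-only script that reopens access.
write_failsafe() {
    out=$1
    kiss=$2
    cat > "$out" <<EOF
#!/bin/sh
PATH=$SBIN_PATH
export PATH
# Preferred: let KISS remove its own rules.
"$kiss" stop && exit 0
# Fallback if KISS aborts: the policy reset and flush posted earlier in the thread.
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables --flush
EOF
    chmod 700 "$out"
}

# arm_failsafe FILE MINUTES: schedule one run with at(1); needs atd running.
# List pending jobs with atq and cancel with atrm once access is confirmed.
arm_failsafe() {
    at -f "$1" now + "$2" minutes
}

# Usage from rc.local or a root shell: sh this-file arm
case "${1:-}" in
    arm)
        write_failsafe /root/kiss-stop /usr/local/sbin/kiss
        arm_failsafe /root/kiss-stop 15
        ;;
esac
```

Once the fail-safe has fired, the host has no packet filter until KISS is started again, so check with `iptables -L` and restart it after fixing the rules.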
 
hi jeff

yes understood, thanks for the info :)
 