You would need to troubleshoot firewall rules on DirectAdmin if you are experiencing connectivity issues or if you are unable to access certain services or applications. This article will teach you how to troubleshoot firewall rules on DirectAdmin. If you intend to buy your own DirectAdmin VPS server, you can check the packages offered on the Eldernode website.
How to Troubleshoot Firewall Rules on DirectAdmin
DirectAdmin is a popular web hosting control panel that allows users to manage their web hosting accounts. It includes a built-in firewall that allows you to control the incoming and outgoing network traffic on your server. If you experience connectivity issues or are unable to access certain services or programs, you should troubleshoot the firewall rules in DirectAdmin.
Named is Running but is not Responding to Requests
If named is running, your DNS settings are likely correct, so the usual cause of it not responding to requests is either a firewall or a setting in /etc/named.conf.
If you want to ensure that named is running and listening on all IPs, run the following command:
netstat -lnp | grep named
If you don’t see all IPs listed as bound to port 53, check /etc/named.conf for a setting containing the word “bind” or “listen” to ensure named is not binding only to local IPs.
Another possible cause is that named is bound to all IPs but is instructed to respond only to local IPs. Check your /etc/named.conf to ensure this is NOT set as shown below:
allow-query { localhost; };
Remove this setting if you find it, because it prevents external sources from querying your box. Likewise, remove the following lines if they are present:
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
If you don’t remove them, named will listen only on these IPs, regardless of which IPs it allows to query it.
Now check that no firewall is blocking port 53. To test this, temporarily stop iptables by running the following command:
service iptables stop
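The two named checks described above (restrictive directives in /etc/named.conf and the addresses reported by netstat -lnp), as an added example that is not part of the original article. The function names and all sample data are constructed for illustration, and only single-line directives are handled.

```shell
#!/bin/sh
# Added example, not from the original article. All sample data is constructed.

# Read named.conf text on stdin; print single-line directives that limit
# named to local clients. Lines that are only a # or // comment are skipped;
# multi-line blocks and /* */ comments are not parsed.
find_local_only_directives() {
    sed -n -E \
        -e '/^[[:space:]]*(#|\/\/)/d' \
        -e 's/^[[:space:]]*//' \
        -e '/(allow-query|listen-on(-v6)?)[^{]*\{[[:space:]]*(localhost|127\.0\.0\.1|::1)[[:space:]]*;[[:space:]]*\}/p'
}

# Read `netstat -lnp` output on stdin; print the unique local addresses on
# which named listens on port 53 (":953", the rndc port, does not match).
named_port53_listeners() {
    awk '$NF ~ /named/ && $4 ~ /:53$/ { print $4 }' | sort -u
}

# Exit 0 if every port-53 listener is a loopback address, 1 if at least one
# is not, 2 if named has no port-53 listener at all.
named_is_loopback_only() {
    listeners=$(named_port53_listeners)
    [ -n "$listeners" ] || return 2
    ! printf '%s\n' "$listeners" | grep -Evq '^(127\.[0-9.]+|::1):53$'
}

# Constructed named.conf fragment containing the settings the article warns about.
SAMPLE_CONF='options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    // allow-query { any; };
    allow-query { localhost; };
    recursion no;
};'

# Constructed `netstat -lnp` lines for a named bound to loopback only.
SAMPLE_NETSTAT='tcp   0  0 127.0.0.1:53    0.0.0.0:*   LISTEN   1234/named
tcp   0  0 127.0.0.1:953   0.0.0.0:*   LISTEN   1234/named
udp   0  0 127.0.0.1:53    0.0.0.0:*            1234/named
tcp6  0  0 ::1:53          :::*        LISTEN   1234/named'

printf '%s\n' "$SAMPLE_CONF" | find_local_only_directives
if printf '%s\n' "$SAMPLE_NETSTAT" | named_is_loopback_only; then
    echo "named answers on loopback only: external queries cannot reach it"
fi
```

On a real server, feed the functions live data instead of the samples: `find_local_only_directives < /etc/named.conf` and `netstat -lnp | named_is_loopback_only`.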
Testing your DNS IPs
Invalid IPs set in the file /etc/resolv.conf can cause DNS lookup errors. The resolver starts at the first “nameserver” entry and moves down.
An example /etc/resolv.conf might look as shown below:
nameserver 8.8.8.8
nameserver 8.8.4.4
Remember that you may have IPs assigned by your data center to use their name servers.
You can test the lookup of the A record of the google.com domain against a specific DNS IP, 8.8.8.8, by running the following command:
dig A google.com @8.8.8.8
The value you want is the IP under the ;; ANSWER SECTION: heading.
– A return value can have many results, all of which must be displayed if the domain resolves to more than one place.
– If a **blank IP** is displayed in the result, it means that the name server is responding, but the desired domain is not on that server and recursive queries are disabled.
– If you can’t connect at all, you should check that “named” is running. Also, this can be caused by not opening port 53 for both TCP and UDP in your firewall. To explicitly test TCP and UDP, you should add the option +tcp or +notcp respectively. Lookups usually use UDP if not specified.
That’s it!
Conclusion
In this article, we taught you how to troubleshoot firewall rules on DirectAdmin. I hope this tutorial was useful for you and that it helps you to troubleshoot firewall rules on the DirectAdmin VPS server. If you have any questions or suggestions, you can contact us in the Comments section.