[Ubuntu-US-CA] All incoming ports blocked without iptables

Michael Paoli Michael.Paoli at cal.berkeley.edu
Thu Apr 9 13:40:23 UTC 2015

So ...
What's listening on what IP addresses?
What IP addresses are configured where and how?
What does the routing look like?
What do the firewall rules look like?

I.e. what does the output of these commands look like?:
$ netstat -an | grep '^tcp.*LISTEN'
$ /sbin/ifconfig | grep -E '^[^ ]| addr:'
$ netstat -nr
# iptables -L -n

> From: "Tony Baechler" <tony.baechler at gmail.com>
> Subject: [Ubuntu-US-CA] All incoming ports blocked without iptables
> Date: Thu, 09 Apr 2015 06:26:49 -0700

> Hi all,
> I'm really stumped here.  I've tried everything I can think of but nothing
> seems to work.  I really need help here!  I'm willing to try anything at
> this point.
> I am running Ubuntu 14.04.1 and have recently upgraded to the latest 3.13
> kernel with security fixes.  I rebooted the server after the kernel upgrade
> and now all ports are blocked.  I get an immediate "connection refused."
> I've completely purged ufw, iptables, fail2ban and the Qemu packages just in
> case.  I can get to the server with a rescue system and I can boot with KVM.
>  When I boot this way, everything looks fine and the network seems normal.
> I can connect to port 22 on localhost just fine.  When I reboot out of the
> rescue system, everything is again blocked.  It's obviously something with
> the network, but I don't know what.  Trying a 3.16 kernel made no
> difference.  My daily cron jobs are running and Postfix is running, but it
> isn't getting any incoming mail.  I restored my /etc/network/interfaces from
> a known good backup.  I don't recall adding or changing anything related to
> bridges or routing.
> What else can I try?  I would give more information but I don't know where
> else to look.  I've removed or purged any recent packages which might have
> caused a problem.  It was fine until I rebooted, but I really don't know
> what changed to cause the breakage.  Any thoughts?

More information about the Ubuntu-us-ca mailing list