Troubleshooting Common Issues
Firewall misconfigurations can block legitimate traffic or leave security gaps. Understanding common issues and troubleshooting techniques helps maintain both security and availability.
Debug connection issues:
# Watch packets in real-time. tcpdump captures before the filter table runs,
# so a request that shows up here but gets no reply was dropped by the firewall
# or never answered by the service.
sudo tcpdump -i any -n port 80
# Check whether packets are hitting a DROP or REJECT rule: the pkts/bytes
# counters of the matching rule climb while you retry the connection. The chain
# headers show the default policy (-L lists only the filter table; use -t nat
# or -t raw for the others).
sudo iptables -L -v -n --line-numbers | grep -E "DROP|REJECT"
# Trace packet flow through iptables: one log line per table, chain and rule
# the packet traverses
sudo iptables -t raw -A PREROUTING -p tcp --dport 80 -j TRACE
sudo iptables -t raw -A OUTPUT -p tcp --sport 80 -j TRACE
# Check /var/log/kern.log (or dmesg) for trace output. If nothing appears, load
# a netfilter logging backend (modprobe nf_log_ipv4). With iptables-nft the trace
# is emitted by nftables instead: read it with "sudo nft monitor trace".
# Remove the TRACE rules when done; they log every matching packet
sudo iptables -t raw -D PREROUTING -p tcp --dport 80 -j TRACE
sudo iptables -t raw -D OUTPUT -p tcp --sport 80 -j TRACE
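The trace output is verbose: one kernel-log line per hop, each repeating the full packet header, so it pays to reduce it to the path each packet took and the hop that decided its fate. The script below is an added example written for this page, not code from the original. It assumes the legacy (nf_log) TRACE line format, `TRACE: table:chain:type:rulenum` followed by the packet header fields, where type is `rule` (a matching rule), `return` (end of a user chain) or `policy` (end of a built-in chain), and it runs on a constructed sample rather than a real capture.

```bash
#!/bin/bash
# Added example: summarise iptables TRACE output from the kernel log.
# The last TRACE hop recorded for a packet is what decided its fate: a "rule"
# hop means a terminating target at that rule number, a "policy" hop means
# nothing matched and the chain's default policy applied.

# Constructed sample of /var/log/kern.log lines (not captured from a real host,
# trimmed to the raw and filter table hops). Packet 40001 is accepted by filter
# INPUT rule 3; packet 40002 matches INPUT rule 5 (a jump into the user chain
# WEB_ACL), nothing in WEB_ACL matches, and the INPUT chain policy applies.
SAMPLE_TRACE='Mar 10 12:00:01 web kernel: TRACE: raw:PREROUTING:policy:2 IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40001 DF PROTO=TCP SPT=51234 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Mar 10 12:00:01 web kernel: TRACE: filter:INPUT:rule:3 IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40001 DF PROTO=TCP SPT=51234 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Mar 10 12:00:02 web kernel: TRACE: raw:PREROUTING:policy:2 IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=40002 DF PROTO=TCP SPT=44444 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 10 12:00:02 web kernel: TRACE: filter:INPUT:rule:5 IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=40002 DF PROTO=TCP SPT=44444 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 10 12:00:02 web kernel: TRACE: filter:WEB_ACL:return:2 IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=40002 DF PROTO=TCP SPT=44444 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 10 12:00:02 web kernel: TRACE: filter:INPUT:policy:6 IN=eth0 OUT= MAC=52:54:00:12:34:56:52:54:00:65:43:21:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=40002 DF PROTO=TCP SPT=44444 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0
Mar 10 12:00:03 web kernel: eth0: link is up'

# trace_path: read kernel log lines on stdin, print one line per packet:
#   ID=<id> <src>:<sport> -> <dst>:<dport> <proto> | hop > hop > ... | decided by ...
# Packets are keyed on the IP ID plus the 4-tuple, which is enough to tell
# flows apart within a short capture window.
trace_path() {
    awk '
    # Return the value of a KEY= field on the current line, or "?" if absent.
    function field(key,    i, klen) {
        klen = length(key)
        for (i = 1; i <= NF; i++)
            if (substr($i, 1, klen) == key) return substr($i, klen + 1)
        return "?"
    }
    /TRACE: / {
        for (i = 1; i <= NF; i++) if ($i == "TRACE:") { hop = $(i + 1); break }
        key = "ID=" field("ID=") " " field("SRC=") ":" field("SPT=") " -> " field("DST=") ":" field("DPT=") " " field("PROTO=")
        if (key in path) path[key] = path[key] " > " hop
        else { order[++n] = key; path[key] = hop }
    }
    END {
        for (k = 1; k <= n; k++) {
            key = order[k]
            m = split(path[key], hops, " > ")
            split(hops[m], p, ":")        # p[1]=table p[2]=chain p[3]=type p[4]=rulenum
            if (p[3] == "policy")
                fate = "chain policy of " p[1] " " p[2]
            else if (p[3] == "rule")
                fate = p[1] " " p[2] " rule " p[4] " (iptables -t " p[1] " -L " p[2] " -n -v --line-numbers)"
            else
                fate = "incomplete trace, last hop " hops[m]
            printf "%s | %s | decided by %s\n", key, path[key], fate
        }
    }'
}

# Stand-alone demonstration on the constructed sample. On a live host:
#   sudo trace_path < /var/log/kern.log      or      sudo dmesg | trace_path
printf '%s\n' "$SAMPLE_TRACE" | trace_path
```

For the sample this prints two lines: packet 40001 was decided by `filter INPUT rule 3`, together with the `iptables -L ... --line-numbers` command that lists that rule, and packet 40002 by the `chain policy of filter INPUT`, which is the usual signature of a packet that no ACCEPT rule covered. A `return` as the final hop indicates a truncated trace (the TRACE rules were removed, or the log rotated) rather than a decision.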
Test firewall rules safely:
# Create a test script that reverts the change after a timeout unless you
# confirm it. Run it under nohup (or inside tmux/screen) so the revert still
# fires if the new rules cut off your own SSH session.
#!/bin/bash
# Save the running ruleset first so there is always something to revert to
iptables-save > /backup/iptables-backup.rules
rm -f /run/firewall-test-ok
echo "Applying new firewall rules..."
./new-firewall-rules.sh
echo "Rules applied. Testing connectivity..."
echo "Run 'touch /run/firewall-test-ok' within 5 minutes to keep the new rules"
sleep 300 # 5 minute timeout
if [ -e /run/firewall-test-ok ]; then
    echo "New rules confirmed, keeping them"
    exit 0
fi
echo "Reverting to previous rules..."
iptables-restore < /backup/iptables-backup.rules
echo "Previous rules restored"