I first went looking for a solution as to why connecting to FTP on my new CentOS 5.3 server was very slow. I found this post that had the answer: http://www.electrictoolbox.com/directory-listing-slow-ftp-server-centos/
The gist of it is to edit /etc/sysconfig/iptables-config and add the following:
IPTABLES_MODULES="ip_conntrack_ftp"
However, the big lesson here is that if you reload your iptables now you may end up losing a lot of your rules. In fact I did this and my website (and every other service) immediately was unable to connect. I was extremely lucky that I was just playing around a few minutes before with how to back up the existing rules. So before you do anything with iptables, run this first to export your currently active rules:
iptables-save -c > /etc/iptables-save
Now proceed to reloading your iptables-config:
/etc/init.d/iptables restart
Then make sure to re-apply the rules you saved with iptables-save by using iptables-restore:
cat /etc/iptables-save | iptables-restore -c
Now I don’t pretend to be any expert on iptables. I’m sure that someone very experienced with iptables will be able to tell that right away and maybe even provide a better solution. I just know that my limited experience tells me that the rules I have set in my iptables config files are less than what’s actually active right now. My guess (and I cannot confirm this) is that Plesk applied many of the rules I had in place. I had also applied a few of my own rules using the iptables command and I didn’t edit any config files so that was my first hint that what is actually running at the moment is not from config files alone.
So unless you are very experienced with iptables, do yourself a favor and use iptables-save before making any changes to your config files and/or restarting iptables.
References:
Directory listings slow with ftp server and CentOS
iptables-save
iptables-restore
