i think there is no way to start or reload firewall in v1.7 rc
have installed on openvz and does not work
so i decided to write this small script
#!/bin/bash
delete existing iptables rules
iptables -F
drop all incoming connections
iptables -P INPUT DROP
iptables -P FORWARD DROP
allow all outgoing conections
iptables -P OUTPUT ACCEPT
SSH allow
iptables -A INPUT -j ACCEPT -p tcp --dport 58742
HTTP allow
iptables -A INPUT -j ACCEPT -p tcp --dport 80
iptables -A INPUT -j ACCEPT -p tcp --dport 443
cyberpanel and services allow (tcp)
iptables -A INPUT -j ACCEPT -p tcp --dport 25
iptables -A INPUT -j ACCEPT -p tcp --dport 8090
iptables -A INPUT -j ACCEPT -p tcp --dport 8891
iptables -A INPUT -j ACCEPT -p tcp --dport 993
iptables -A INPUT -j ACCEPT -p tcp --dport 995
iptables -A INPUT -j ACCEPT -p tcp --dport 7080
iptables -A INPUT -j ACCEPT -p tcp --dport 587
iptables -A INPUT -j ACCEPT -p tcp --dport 5003
iptables -A INPUT -j ACCEPT -p tcp --dport 110
iptables -A INPUT -j ACCEPT -p tcp --dport 143
iptables -A INPUT -j ACCEPT -p tcp --dport 465
iptables -A INPUT -j ACCEPT -p tcp --dport 53
iptables -A INPUT -j ACCEPT -p tcp --dport 21
cyberpanel and services allow (udp)
iptables -A INPUT -j ACCEPT -p udp --dport 53
iptables -A INPUT -j ACCEPT -p udp --dport 35476
allow localhost example php to local database
iptables -A INPUT -j ACCEPT -s 127.0.0.1
allow established connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
small and fine^^