Strange behavior of iptables — what could be the reason?

Introduction: there is a system, onboard CentOS 7, worked a little over a month with no complaints (not yet rebooted). In one moment, the VDS has rebutals.. and became invisible from the outside. Running VNC look - the system is more than alive, started up, but to sense from it - a little.

First came under attack fail2ban, because his account was already criticism, thought, his paws business. Demolished and re-launched again - to no avail. After that restarted again, and restartovat iptables:
ad34c7eba12549038ea505656aa7eeb3

Watching journalctl -xn:
9897539a49a24c39a6989ded23481e5f

But at the same time, the server begins to respond to requests from the outside! Well, at least something. The table in this pristine:
6a43daec69b84e25ae3ac4bede10d5f3

Then we again try the same method to restart iptables and we have successfully obtained it:
42d3d22cc0824561938d069702ac70d0

And what's more - the rules in the table are initialized and begin to operate:
ec3550ce2a054dcbb7ef198ab84a3922

The contents of /etc/sysconfig/iptables:
# Generated by iptables-save v1.4.21 on Thu Feb 27 10:26:11 2015
*filter
:INPUT ACCEPT [187:43206]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [177:82196]
-A INPUT-i eth0 -p tcp -m tcp --dport 22122 -m state --state NEW-m recent --set --name DEFAULT --mask 255.255.255.255
--rsource
-A INPUT-i eth0 -p tcp -m tcp --dport 22122 -m state --state NEW-m recent --update --seconds 60 --hitcount 4 --name DE
FAULT --mask 255.255.255.255 --rsource -j DROP
-A INPUT -s 82.209.194.0/24 -j DROP
-A INPUT -s 178.54.128.0/17 -j DROP
-A INPUT -s 91.211.140.0/22-j DROP
-A INPUT-i eth0 -p tcp -m tcp --dport 8080 -j DROP
COMMIT
# Completed on Thu Feb 27 10:26:11 2015


And also:
$ cat /proc/version
Linux version 3.10.0-123.20.1.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.2 20140120 (Red Hat 4.8.2-16) (GCC) ) #1 SMP Thu Jan 29 18:05:33 UTC 2015


Note - the question(s):
1. How?!
2. Why?!
3. How to deal with it?!
September 19th 19 at 12:50
1 answer
September 19th 19 at 12:52
Solution
It was included in the daemon, a simple chkconfig firewalld off && reboot was enough. Thanks for the reply!

Find more questions by tags IptablesLinuxCentOS