ConfigServer Community Forum

Did you find a fix for this? We're experiencing the same with CentOS 8.2.

At the bottom of this article: https://wiki.openvz.org/Setting_up_an_iptables_firewall

You'll find the likely solution:

to enable iptables you need to make sure that CT.conf(CT - id of your container, 100 for example) contains following line:

NETFILTER="full"

Then restart the container.

Except of course, now after auto-updates to CSF these changes are overwritten and now we're back to this problem of connections timing out.

Any word on whether we'll be able to configure the timeout value in a future release?

It appears this is caused by having a large number of rules on each of the cluster members. This causes the restart command on each box to take some time -- longer than the time provided to read the socket of just 5 seconds. To fix this, I changed the socket read time in /usr/bin/csf:702 as follows:...

Hey, Since the update to v10 cluster restarts fail for every member. I run csf -crs or csf --crestart and get: Sent request to <ip0>, no reply Sent request to <ip1>, no reply Sent request to <ip2>, no reply Sent request to <ip3>, no reply Sent request to <ip4>, no reply Sent request to <ip5>, no rep...

I would love to see this too! When a large botnet starts attacking and CSF does its job, it results in 1000+ emails a day! Would much prefer to have a daily digest option with stats about number of IPs blocked, reason, etc.

StatusCake recommends dynamically adding their list of IPs to the firewall... except we can't do that programmatically with CSF because csf.ignore doesn't support Include. The simplest solution would be to have a simple Include line in csf.ignore, then run a script that obtains the latest list of St...

Thanks! I caught that in the changelog Nice to see all the IPv6 additions as well!

We use clustering on all of our servers that are strictly controlled by us and it works great! The power of clustering comes in particularly handy when a DDoS attack is underway as denies for an entire botnet get distributed around to all of our servers if only one gets hit first, preventing future ...

Hi there, I'm on a stock CentOS6 system and have configured csf to read all Plesk domain logs via file globbing. This works great generally, but on some servers with more than roughly 150 or so domains (particularly when we've got nginx and apache running), LFD is reading in a large number of log fi...