This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Recent integration with systemd doesn't work properly on latest Debian Testing, which results in broken startup and lack of lfd after update.
In the log, we can clearly see that:
„lfd.service” -> „/usr/lib/systemd/system/”
cp: nie można utworzyć zwykłego pliku „/usr/lib/systemd/system/”: Nie jest katalogiem
„csf.service” -> „/usr/lib/systemd/system/”
cp: nie można utworzyć zwykłego pliku...
In csf ver 7.59 on CentOS 6.6 with WHM 11.46.2 (build 4), when we try to compare profile configurations by selecting protection_high as first config and /etc/csf/csf.conf (current config) as second config, it doesn't show anything! However, if we select protection_medium or protection_low, it then shows the table of comparision. Is this a bug or are we doing something wrong?!!
I just happened to notice that I am able to add the same IP as many times as I want via the Quick Deny. Checking another server, I'm not, as expected.
csf: v7.58
since I added country CA & US to CC_allow_ports , when CSF restarts, I receive that error:
csf: FASTSTART loading CC_ALLOW_PORTS (IPv4)
csf: FASTSTART loading CC_ALLOW_PORTS (IPv4)
CC_ALLOWP all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
Error: Connection timeout! at /usr/sbin/lfd line 7422, line 61....
I just upgraded to v7.55, and changed a couple of settings based on what the changelog listed as being changed on new installs, but nothing to do with any debug settings. After saving the settings through the cPanel/WHM UI, I see this warning :
When configuring LF_BIND for detection of repeated BIND denied requests, LFD detects and temporarily blocks TCP port 53 for the offending IP address but leaves UDP port 53 open for the attacks to continue. This can be verified by examining the temporary block list and the active IP tables rules.
I keep getting the notification when clicking Check Server Security. It says:
Unable to resolve nameserver within 5 seconds
Unable to resolve nameserver within 5 seconds
I have a feeling it has to do with the fact that those are my IPv6 nameserver entries. Is this something that CSF doesn't support yet? Currently ns1 and ns2 are IPv4 while ns3 and ns4 are IPv6. I have tested extensively through...
Hi, on my RHEL v6.5 server CSF logs only one line per firewall hit in the systems /var/log/messages logfile.
But for some reason on a new Centos 7 server I'm setting up all logs are reproduced two times.
One time with a timestamp before the Firewall: part, the other directly as-is like on my Centos 6.5 system:
charts.html, graphs.html is saved to /tmp correctly but all images are saved as:
/tmplfd_cc.gif
/tmplfd_hour.gif
/tmplfd_month.gif
/tmplfd_pie_day.gif
/tmplfd_pie_hour.gif
/tmplfd_pie_year.gif
/tmplfd_systemday.gif
/tmplfd_systemhour.gif
/tmplfd_systemmonth.gif
/tmplfd_systemweek.gif
/tmplfd_year.gif
I think the path is missing the last slash on the...
Error processing command for line (6 times): , at line 1301
Sorry if this is not the correct subforum to put this in. I did use the search function of both this forum and Google in general. I submitted a ticket with the helpdesk but got sent to the forums, so I'll just copy/paste the ticket contents.
-bash-3.2# uname -a
Linux 3.8.2 #6 SMP Thu Jun 27 16:29:32 UTC 2013 i686 i686 i386 GNU/Linux...
Hi,
am using VPS VZZO machine, I recently face very critical issue that csf firewall blocks all ports of the server globally automatically.
I install csf firewall by default setting but now after a day its block my all ports and now am unable to access server.
Kindly tell me how I can access my VPS without lossing data.
Even SSH each and every thing blocked.
I've noticed for awhile that CSF stops accepting certain ports occasionally. Noticeably, they seem to coincide with auto updates. For example, the 7th-9th saw an update each night, and each night I got an emergency call that a ddos protection proxy host we use (similar to cloudflare, but for game servers), wasn't able to pass traffic through.
A 'csf -r' resolves this. The setup of part of this...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum