This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
I upgraded to cP 11.38.0.16 on 6/14/13. Afterwards (on the same day) I updated all CSF scripts with: curl -s configserver.com/free/csupdate | perl as suggested in the log.
Last night (6/17/13) or early this morning MailScanner stopped running (which hasn't happened in a very long time). In going through the logs to investigate what caused it, I found these entries in...
csf v6.14 has been released. Unfortunately, there was a short window of time where the incorrect version was uploaded to the download server. If you got the following error after the upgrade:
-bash: /usr/sbin/csf: /usr/local/cpanel/3rdparty/bin/perl: bad interpreter: No such file or directory
you can run the following to fix this issue from the root shell:
find /etc/csf/ -type f -exec sed -i...
On 6.05 running csf -r observe the end of output. I copied back csf pl from version 6.03 and the bug is gone, at the point where it stops not sure how much if working or not, however, have verified that csf.redirect is not working on 6.05:
ALLOWIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
INVDROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 state INVALID
INVDROP tcp opt -- in * out *...
I have a couple custom regexes that scans apache access_log and modsec_audit log. The regexes work correctly. When these rules match there is a flood of errors from a single ip, 10's of accesses per second.
Looking at strace, LFD seems to be trying to resolve the hostname for every logline that matches the pattern? Is this correct? On hosts with...
Hi, I have CSF run and send me a server check report weekly. But for the last 3-4 weeks it hasn't gotten past the first check. The report looks something like:
Check whether csf is enabled
open3: exec of iptables -L INPUT -n failed at /etc/csf/servercheck.pm line 163
When I run the report either from WHM or from bash, it generates the entire report without error. It's just the automated...
I run CSF on an OpenVZ VPS which automatically updated to the latest version (5.76) about an hour ago. Before the update there were no problems at all, but since the update I now get an error although all required modules are enabled. I've disabled automatic updates for my other VPS's and servers as I think this might be a bug.
Error: Error processing command for line (10 times): , at line 1114...
Hi, I have a server with CSF running about one year. Recently, I found the CSF is not running. I am able to start my iptables, but get the following error when restart CSF. Any idea? Thanks.
Undefined subroutine &Time::HiRes::sleep called at /etc/csf/csf*pl(this is not URL) line 3161, line 2.
iptables: Unknown error 4294967295
CONNLIMIT tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:25...
I've tried several times and CSF 5.66 won't update to 5.67, no error shown at the end. Please let me know what info to provide and I'll be happy to do so.
I used this product for more than 3 years and never happened this. Since yesterday and after my CSF upgraded form vers-5.65 to 5.66 my csf.deny file doesnt accept any more lines, showing this lots of messages in my lfd-log:
Oct 28 06:44:07 moche lfd : *Error*: csf output: deny failed: tcp|in|d=22|s=37.55.225.145 is in already in the deny file /etc/csf/csf.deny 68 times
Oct 28...
When editing csf.logfiles through the UI (using the lfs-> lfd Log Scanner Files button), the edits aren't saved, even though I click the Change button at the bottom. I've tried this twice today and verified through viewing the file via SSH that the file isn't changing.
When I edit the file directly using vi, the changes are saved, including after lfd is restarted.
It works perfectly for IPV4 but with IPV6 now being used more and more I've found this happening :-
: Network class C has been blocked
IP addresses that triggered the block
Sat Aug 4 00:46:03 2012 2a01:00c0:0002:0004:0216:3eff:fe0d:266d
Sat Aug 4 00:46:23 2012 2a02:2498:0001:003d:5054:00ff:fed3:e91a
Sat Aug 4 02:56:36 2012 2a01:00c0:0002:0004:0216:3eff:fe0d:266d...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum