csf cannot be started when SMTP_BLOCK is enabled

[nigelbb]

I have installed csf on my Xen virtual server that I manage with WHM/cPanel & am now trying to configure it to tighten up security. I tried enabling SMTP_BLOCK but when I do this CSF fails with the rather unhelpful error messages below. Any ideas how to fix this?

Code: Select all

DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:25 
iptables: Unknown error 4294967295
ACCEPT  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:25 OWNER UID match 0 
Error: Error processing command for line [589] (10 times): [iptables: Unknown error 4294967295], at line 589

...Done.

Restarting lfd...

Stopping lfd:[  OK  ]
[  OK  ]
Starting lfd:
Error: You have an unresolved error when starting csf. You need to restart csf successfully before starting lfd (see /etc/csf/csf.error)
[  OK  ]

[nigelbb]

I forgot to mention that running the csf test script all looks OK

Code: Select all

Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server

[peterelsner]

Had the same problem on one server. Disabled the SMTP_BLOCK, started csf, and then enabled SMTP_BLOCK again and restarted csf and it worked. No idea why...