CSF 7.0.3 -- problem on all VPS servers

[basic1]

Dear All:

We use CSF since three years and never had any problems. Great script!

Since about 48 hours, though, there is a problem with CSF running on Linux VPS servers (both, with node running 5.x and 6.5 of CentOS, and the VPS themselves running 6.5). This seems independent of the control panel installed in the VPS -- I see it in case of DirectAdmin as well as cPanel.

Before posting here I tried really hard to find the cause, but I cannot. If running CSF (and I also tried re-installing it) either websites and SSH are inaccessible, or, in some cases, extremely slow.

Was there any recent CSF upgrade ... e.g. from 7.0.2 to 7.0.3 (we have this set to "auto-upgrade") in the past three days. It *seems* (at least on one server) that the problems only start after rebooting the VPS.

Doing the "csftest" I get this -- but that is how it always looked, if I recall that correctly.

---------------
[root@secure csf]# ./csftest...
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...FAILED [Error: iptables: No chain/target/match by that name.] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for MESSENGER feature
Testing iptable_nat/ipt_DNAT...FAILED [Error: FATAL: Module ip_tables not found.] - Required for csf.redirect feature

RESULT: csf will function on this server but some features will not work due to some missing iptables modules [3]
root@secure [/etc/csf]#

RESULT: csf will function on this server but some features will not work due to some missing iptables modules [3]
---------------


Any ideas ... anyone experiencing the same?

John

[ForumAdmin]

The last csf update was back in May:
http://blog.configserver.com/?p=2227

We cannot help much with Virtuozzo/OpenVZ virtual servers as too much depends on the host node, but I would guess that it is an issue with the kernel being used.

[basic1]

>> I would guess that it is an issue with the kernel being used.

The kernel was NOT being upgraded recently. Since the problems started all at the same time at different nodes (physical servers) I therefore wondered if CSF was in the past 5 or 6 days upgraded (I am not sure when 7.0.3 replaced 7.0.2)?

Thanks!
John

[Sarah]

7.03 came on on the 9th of May as in the link Jonathan provided. If you have auto update configured, that's when csf would have been upgraded on your servers. There have been no updates since then.

[basic1]

My apologies for not having replied to your last posting earlier.
I *think* version 7.0.3 must have introcuced some feature that creates problems on VPS servers. But that seems to start only after the VPS is rebooted. We still have some VPS where everything works fine, but these have all not rebooted. As soon as I reboot, the firewall cuts off access to port 80 and SSH ... Different OS versions on both the node and the containers.

John

[basic1]

UPDATE:
This is scary ... I replaced CSF with APF (which we used until three years ago). The exact same problems here on a VPS. Websites are VERY slow, https:// sites getting "blocked" for maybe 30 seconds before they show.
Anyone has an idea what that could be? ... All worked great until 10 days ago, and this happens on various servers with various OS versions and control panels.

John

[basic1]

Got the problem solved by simply adding:
ETH_DEVICE = “venet0”
in the CSF settings.

I don't know wht it worked without that before ....

John