Hello,
I'm currently setup using CSF/LFD on a cPanel/WHM server. Tonight I was messing around with iptables adding some rules to open ports through SSH, encountered some issues so for troubleshooting reasons I went into CSF and clicked "Firewall Configuration" added the ports I needed opened then saved and restarted csf/iptables. It appeared some of the rules I had added earlier seemed to be gone. Now this wasn't a big deal it was a few simple rules. But it got me wondering, obviously the web interface isn't pulling the open ports from iptables when it fills the text field but a seperate file, and when saving it must just compile this into rules and completely overwrite the current iptables rules getting rid of any rules not added through the csf web configuration?
I just want to clarify on this and make sure it wasn't something else I overlooked. This will be good to know when in the future.
Thanks
CSF Webinterface overwrite iptables rules?
-
thekraken476
- Junior Member
- Posts: 1
- Joined: 29 Dec 2014, 07:25
Re: CSF Webinterface overwrite iptables rules?
You can easily add your own custom iptables rules to either the csfpre.sh or csfpost.sh files:thekraken476 wrote: But it got me wondering, obviously the web interface isn't pulling the open ports from iptables when it fills the text field but a seperate file, and when saving it must just compile this into rules and completely overwrite the current iptables rules getting rid of any rules not added through the csf web configuration?
See section 17 "External Pre- and Post- Scripts" of the CSF readme:
http://download.configserver.com/csf/readme.txt