Hi,
I've had this problem for a while now, each time CSF auto updates, my NAT rules in /etc/csf/csfpre.sh are lost in the iptables chain. As the server in question is a VPN server, these rules are required for internet access, all VPN clients thus lose internet connectivity every time CSF updates itself.
The fix is relatively simple, restarting csf with "csf -r" will re-apply the rules, however this has to be done each time CSF is updated. I could disable CSF auto updates, but that would be a potential security issue.
Alternatively I could script something to workaround this, but I thought I should report it here.
Thanks.
POSTROUTING NAT rules are lost on each CSF auto update
Re: POSTROUTING NAT rules are lost on each CSF auto update
I am experiencing the same problem, but hadn't isolated the symptoms yet to the auto update.
If I append to /etc/cron.d/csf_update would that be a good fix or is that file overwritten on update?
If I append
Code: Select all
&& /usr/sbin/csf -r