csfpost.sh not executed after updates

[SharkWipf]

This has been a bug for a long time so I figured I'd make an account and report it.

Whenever CSF (re)starts it's supposed to execute /etc/csf/csfpost.sh.
However, it does not execute this file after auto-updating.

CSF Version: Every version over the past ~year at least, currently running "csf: v11.05 (DirectAdmin)"
Running on CentOS 7 with DirectAdmin.
Csftest shows no problems.

On a related note, is there a better way to deal with Docker on CSF? Currently using this script that I nicked online somewhere, but it's more of a hack than a real solution:

Code: Select all

#!/bin/sh

echo "[DOCKER] Setting up FW rules."

iptables -N DOCKER

# Masquerade outbound connections from containers
iptables -t nat -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE

# Accept established connections to the docker containers
iptables -t filter -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

# Allow docker containers to communicate with themselves & outside world
iptables -t filter -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
iptables -t filter -A FORWARD -i docker0 -o docker0 -j ACCEPT

echo "[DOCKER] Done."

[marcele]

If I remember correctly there was a docker thread where chirpy talked about adding built in docker support. I know I'm seeing it installed on more and more hosts.

viewtopic.php?f=6&t=10284&p=28682&hilit=docker#p28251

I think he's just looking for a working iptables implementation than can detect if docker is installed and apply them automatically.

If /etc/csf/csfpost.sh isn't being run after updates then that should likely be fixed too as thats going to cause a lot of problems.

[DEXO]

Use full path eg

/sbin/iptables............

Worked for me.