ConfigServer Community Forum

Posted: **16 Nov 2020, 22:51**

I'm running CentOS 7 with csf v14.08. If i log into webmin and restart CSF it works fine. If i go to restart LFD, it shows a blank response and says done. But on SSH, it says that the LFD restart is pending, and will stay that way for 90s until it times out and the service is killed. Which after that, the webmin interface dies. Here is the service status log before, during and after I try to restart from webmin.

Code: Select all

[root@filter csf]# systemctl status lfd -l
● lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-11-16 22:19:48 UTC; 8min ago
  Process: 3706 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
 Main PID: 3719 (lfd - sleeping)
   CGroup: /system.slice/lfd.service
           ├─3719 lfd - sleepin
           └─3725 lfd U

Nov 16 22:19:48 filter lfd[3719]: SSH Tracking...
Nov 16 22:19:48 filter lfd[3719]: Webmin Tracking...
Nov 16 22:19:48 filter lfd[3719]: SU Tracking...
Nov 16 22:19:48 filter lfd[3719]: Console Tracking...
Nov 16 22:19:48 filter lfd[3719]: Watching /var/log/maillog...
Nov 16 22:19:48 filter lfd[3719]: Watching /var/log/messages...
Nov 16 22:19:48 filter lfd[3719]: Watching /var/log/secure...
Nov 16 22:19:48 filter lfd[3719]: Watching /var/log/customlog...
Nov 16 22:19:48 filter lfd[3719]: Watching /var/log/httpd/error_log...
Nov 16 22:19:48 filter lfd[3733]: *User Processing* PID:14032 Kill:0 User:centos Time:2713 EXE:/usr/bin/bash CMD:-bash

[root@filter csf]# systemctl status lfd -l
● lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
   Active: deactivating (stop-sigterm) since Mon 2020-11-16 22:28:59 UTC; 1min 6s ago
  Process: 3706 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
 Main PID: 3719 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/lfd.service
           ├─5131 lfd - sleepin
           └─5137 lfd U

Nov 16 22:28:59 filter lfd[5131]: SSH Tracking...
Nov 16 22:28:59 filter lfd[5131]: Webmin Tracking...
Nov 16 22:28:59 filter lfd[5131]: SU Tracking...
Nov 16 22:28:59 filter lfd[5131]: Console Tracking...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/maillog...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/messages...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/secure...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/customlog...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/httpd/error_log...
Nov 16 22:28:59 filter lfd[5145]: *User Processing* PID:14032 Kill:0 User:centos Time:3264 EXE:/usr/bin/bash CMD:-bash

[root@filter csf]# systemctl status lfd -l
● lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
   Active: failed (Result: timeout) since Mon 2020-11-16 22:30:29 UTC; 30s ago
  Process: 3706 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
 Main PID: 3719 (code=exited, status=0/SUCCESS)

Nov 16 22:28:59 filter lfd[5131]: Console Tracking...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/maillog...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/messages...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/secure...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/customlog...
Nov 16 22:28:59 filter lfd[5131]: Watching /var/log/httpd/error_log...
Nov 16 22:28:59 filter lfd[5145]: *User Processing* PID:14032 Kill:0 User:centos Time:3264 EXE:/usr/bin/bash CMD:-bash
Nov 16 22:30:29 filter systemd[1]: lfd.service stop-sigterm timed out. Killing.
Nov 16 22:30:29 filter systemd[1]: Unit lfd.service entered failed state.
Nov 16 22:30:29 filter systemd[1]: lfd.service failed.

For what it's worth, if i run csftest.pl this is what i get:

Code: Select all

[root@filter modules-load.d]# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server

Posted: **16 Dec 2020, 17:26**

We are unable to recreate a problem. Ran on a fresh CentOS v7.9 install with webmin v1.962.

From within webmin after clicking lfd restart:

Code: Select all

● lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2020-12-16 17:23:27 GMT; 21ms ago
  Process: 9019 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
 Main PID: 9032 (lfd - starting)
   CGroup: /system.slice/lfd.service
           ├─9032 lfd - startin
           └─9035 /usr/bin/systemctl is-active firewalld

Dec 16 17:23:27 webmin.webumake.net systemd[1]: lfd.service: main process exited, code=killed, status=9/KILL
Dec 16 17:23:27 webmin.webumake.net systemd[1]: Stopped ConfigServer Firewall & Security - lfd.
Dec 16 17:23:27 webmin.webumake.net systemd[1]: Unit lfd.service entered failed state.
Dec 16 17:23:27 webmin.webumake.net systemd[1]: lfd.service failed.
Dec 16 17:23:27 webmin.webumake.net systemd[1]: Starting ConfigServer Firewall & Security - lfd...
Dec 16 17:23:27 webmin.webumake.net systemd[1]: Can't open PID file /run/lfd.pid (yet?) after start: No such file or directory
Dec 16 17:23:27 webmin.webumake.net systemd[1]: Started ConfigServer Firewall & Security - lfd.

in /var/log/lfd.log:

Code: Select all

Dec 16 17:23:27 webmin lfd[1777]: Main Process: TERM
Dec 16 17:23:27 webmin lfd[1777]: daemon stopped
Dec 16 17:23:27 webmin lfd[9032]: daemon started on webmin.webumake.net - csf v14.08 (generic)
Dec 16 17:23:27 webmin lfd[9032]: LF_APACHE_ERRPORT: Set to [2]
Dec 16 17:23:27 webmin lfd[9032]: Restricting syslog/rsyslog socket acccess to group [mysyslog]...
Dec 16 17:23:27 webmin lfd[9032]: CSF Tracking...
Dec 16 17:23:27 webmin lfd[9032]: IPv6 Enabled...
Dec 16 17:23:27 webmin lfd[9032]: LOAD Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Country Code Lookups...
Dec 16 17:23:27 webmin lfd[9032]: System Integrity Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Exploit Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Directory Watching...
Dec 16 17:23:27 webmin lfd[9032]: Temp to Perm Block Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Process Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Account Tracking...
Dec 16 17:23:27 webmin lfd[9032]: SSH Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Webmin Tracking...
Dec 16 17:23:27 webmin lfd[9032]: SU Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Console Tracking...
Dec 16 17:23:27 webmin lfd[9032]: Watching /var/log/messages...
Dec 16 17:23:27 webmin lfd[9032]: Watching /var/log/secure...
Dec 16 17:23:27 webmin lfd[9032]: Watching /var/log/customlog...
Dec 16 17:23:27 webmin lfd[9032]: Watching /var/log/httpd/error_log...

ConfigServer Community Forum

Unable to restart LFD from webmin

Unable to restart LFD from webmin

Re: Unable to restart LFD from webmin