LFD super slow to stop or restart seeing this in logs 15 sec. timeout performing iptables_log


Post by fonewiz »

I have had CSF installed on multiple servers for a number of years. I have one server that takes a very long time (45 to 70 seconds) to stop or restart LFD. I can restart CSF and it restarts quickly/normally. Only LFD is an issue.

I have been investigating this off and on for a few days and it's driving me crazy. I thought maybe a log file got HUGE or something and LFD is having an issue reading it. I haven't found any crazy huge log files yet. BUT... I see this below constantly, a few times a minute, in my lfd.log.

Any idea where this log lives so I can check the size? Any idea why this error is happening or how to fix the error in the logs and/or diagnose this slow stop/restart issue of LFD? Google, searching this forum and a number of other places have resulted in no help, unfortunately. Appreciate any help, thanks.


Feb 15 20:50:28 servername lfd[25226]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:28 servername lfd[25227]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:28 servername lfd[25225]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:33 servername lfd[25234]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:38 servername lfd[25239]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:53 servername lfd[25253]: STATS: 15 sec. timeout performing iptables_log

Post by fonewiz »

ConfigServer Security & Firewall version 14.15
CentOS Linux 7.4.1708

If that helps.

Post by Sergio »

Don't know if this applies to you, but do you have external Block Lists configured on that server under LFD BLOCKLIST?
That could be one reason.

If you read the instructions:
# Note: Some of these lists may be very long and could cause serious network
# and/or performance issues unless you are using LF_IPSET in csf, so setting a
# value for the MAX field should be considered
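
An added example, not part of the original posts and not ConfigServer's own code: a small check for the condition the quoted note warns about (enabled block lists with no MAX cap while LF_IPSET is off), plus a per-minute count of the timeout lines fonewiz posted. It assumes block list entries use a `NAME|INTERVAL|MAX|URL` layout where MAX of 0 means no cap, and that the setting is written as `LF_IPSET = "0"`; the config text and URLs are constructed samples.

```python
import re
from collections import Counter

# Constructed sample config text; the NAME|INTERVAL|MAX|URL layout and the
# LF_IPSET = "0" syntax are assumptions about the CSF files, URLs are fake.
CSF_CONF = 'LF_IPSET = "0"\n'
BLOCKLISTS = """\
# commented-out entries are disabled
#OFFLIST|86400|0|https://blocklist.invalid/off.txt
BIGLIST|86400|0|https://blocklist.invalid/big.txt
CAPPED|86400|3000|https://blocklist.invalid/capped.txt
"""
# Two of the lfd.log lines quoted in the thread, plus one constructed line.
LFD_LOG = """\
Feb 15 20:50:28 servername lfd[25226]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:33 servername lfd[25234]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:51:02 servername lfd[25260]: constructed unrelated line
"""

def ipset_enabled(conf_text):
    """True when an uncommented LF_IPSET line is set to 1."""
    m = re.search(r'^\s*LF_IPSET\s*=\s*"?(\d+)"?', conf_text, re.M)
    return bool(m) and m.group(1) == "1"

def enabled_blocklists(text):
    """Yield (name, max_ips) for each uncommented, well-formed entry."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split("|", 3)
        if len(parts) == 4 and parts[2].isdigit():
            yield parts[0], int(parts[2])

def uncapped_without_ipset(conf_text, blocklist_text):
    """Names of enabled lists with MAX=0 (no cap) while LF_IPSET is off."""
    if ipset_enabled(conf_text):
        return []
    return [n for n, mx in enabled_blocklists(blocklist_text) if mx == 0]

def timeouts_per_minute(log_text):
    """Count 'timeout performing iptables_log' lines per 'Mon DD HH:MM'."""
    hits = Counter()
    for line in log_text.splitlines():
        if "timeout performing iptables_log" in line:
            hits[line[:12]] += 1  # first 12 chars of a syslog line: "Feb 15 20:50"
    return hits

if __name__ == "__main__":
    print("uncapped lists, no ipset:", uncapped_without_ipset(CSF_CONF, BLOCKLISTS))
    print("timeouts per minute:", dict(timeouts_per_minute(LFD_LOG)))
```

To use it on a real server, read the contents of the CSF config file, the block list file and lfd.log into the three strings instead of the samples.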