ConfigServer Community Forum

I have CSF installed on multiple servers for a number of years. I have one server that takes a very long time (45 to 70 seconds) to stop or restart LFD. I can restart CSF and it restarts quickly/normally. Only LFD is an issue.

I have been investigating this off and on for a few days and it's driving me crazy. I thought maybe a log file got HUGE or something and LFD is having an issue reading it. I haven't found any crazy huge log files yet. BUT... I see this below in constantly, a few times a minute in my lfd.log.

Any idea where this log lives so I can check the size? Any idea why this error is happening or how to fix the error in the logs and/or diagnose this slow stop/restart issue of LFD? Google, searching this forum and a number of other places has resulted in no help unfortunately. Appreciate any help, thanks..


Feb 15 20:50:28 servername lfd[25226]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:28 servername lfd[25227]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:28 servername lfd[25225]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:33 servername lfd[25234]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:38 servername lfd[25239]: STATS: 15 sec. timeout performing iptables_log
Feb 15 20:50:53 servername lfd[25253]: STATS: 15 sec. timeout performing iptables_log

ConfigServer Security & Firewall version 14.15
CentOS Linux 7.4.1708

If that helps.

Don't know if this apply to you but, Do you have configured external Block Lists in that server under LFD BLOCKLIST?
That could be one reason.

If you read the instructions:
# Note: Some of these lists may be very long and could cause serious network
# and/or performance issues unless you are using LF_IPSET in csf, so setting a
# value for the MAX field should be considered