In order to sort (some) compatibility with Docker and CSF https://forum.configserver.com/viewtopi ... 4cd630d69b we are working on an approach to allow docker to handle its iptables adding a chain on prerouting added in csfpost.sh
The problem is that for this to work we need to store all docker generated chains on each csf restart and reload them in csfpost.sh
For my surprise, csfpre.sh is not executed first on that process. CSF first clears all iptables chains and then execute it, leaving our intention to save it on "pre" and restore it on "post" unusable.
Any other alternative for this? Could I also mention that I don't find that procedure very logic! If csfpost is executed only when csf has finished generating, shouldn'ty it not csfpre behave the same way?