So we're running a Proxmox server with several LXC containers. Proxmox is Debian, and the containers are CentOS 7. We installed CSF on both the host and the containers.
We configured everything properly and running 'perl /usr/local/csf/bin/csftest.pl' under the container gives OK on all tests:
# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf should function on this server
Yet I noticed that the LOG entries, the "Firewall: *UDP_IN Blocked*" ones, don't appear for the container, only for the host. I realize that it's because these are entries at the level of the kernel, which is shared between the host and the container, but the container ones don't appear at all; there are no entries at all relating to the container (I can tell by the DPT IP).
Is there any way to have these log entries working on the container? It's important for us to know which connections are being blocked on the container.
Do note that all the iptables rules on the container work properly, as does CSF in general; it's just this logging issue.