Server inaccessible after reboot
Posted: 13 May 2013, 23:29
Hi. I installed CSF and configured it to lock down my server. Everything seemed to be working fine (blocked ports were blocked, unblocked ports were unblocked, etc.). Testing mode is off. When I did a reboot, I was unable to access the server. After going in via the console, I could see that there was no network accessibility. No services could listen, ifconfig showed no IP addresses, I couldn't access any nameservices (all of this worked before the reboot).
I disabled csf (csf -x) and then did a "service network restart" and everything came back. I then re-enabled csf (csf -e) and all my security was back as well.
Any idea what to do here? I was thinking that I could delay the init script (e.g. S99csf instead of S15csf), but I want to make sure I'm not missing something obvious.
Thanks!
P.S. I'm not sure if it matters, but most of the tests were successful:
I disabled csf (csf -x) and then did a "service network restart" and everything came back. I then re-enabled csf (csf -e) and all my security was back as well.
Any idea what to do here? I was thinking that I could delay the init script (e.g. S99csf instead of S15csf), but I want to make sure I'm not missing something obvious.
Thanks!
P.S. I'm not sure if it matters, but most of the tests were successful:
Code: Select all
# perl /etc/csf/csftest. (.pl - removed because the forum won't allow me to "post url links" - not sure if there's a bug in the forum?)
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...FAILED [Error: iptables: Unknown error 4294967295] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf will function on this server but some features will not work due to some missing iptables modules [1]
