POSTROUTING NAT rules are lost on each CSF auto update
Posted: 22 Apr 2016, 13:11
Hi,
I've had this problem for a while now, each time CSF auto updates, my NAT rules in /etc/csf/csfpre.sh are lost in the iptables chain. As the server in question is a VPN server, these rules are required for internet access, all VPN clients thus lose internet connectivity every time CSF updates itself.
The fix is relatively simple, restarting csf with "csf -r" will re-apply the rules, however this has to be done each time CSF is updated. I could disable CSF auto updates, but that would be a potential security issue.
Alternatively I could script something to workaround this, but I thought I should report it here.
Thanks.
I've had this problem for a while now, each time CSF auto updates, my NAT rules in /etc/csf/csfpre.sh are lost in the iptables chain. As the server in question is a VPN server, these rules are required for internet access, all VPN clients thus lose internet connectivity every time CSF updates itself.
The fix is relatively simple, restarting csf with "csf -r" will re-apply the rules, however this has to be done each time CSF is updated. I could disable CSF auto updates, but that would be a potential security issue.
Alternatively I could script something to workaround this, but I thought I should report it here.
Thanks.