Allow a user to connect to a specific socket in 127.0.0.1

[acenetgeorge]

Greetings,

cPanel introduced a check for the Dovecot LMTP process that connects as root to 127.0.0.1 on the socket /var/run/dovecot/lmtp.

How exactly would you whitelist something like this in CSF? Have been searching for the last half hour, and am not seeing anything. Maybe I am just overlooking things, but am really confused at this point.


cPanel says ... "To resolve this issue, either open the firewall to allow connections as the root user to “127.0.0.1:/var/run/dovecot/lmtp” or disable checks for this service in WHM’s “Service Manager” interface"

Disabling checks is not really an option, as we want to know if it actually goes down.

Thanks for any help!!!

-- George Yedinak

[ForumAdmin]

csf does not block access to 127.0.0.1 except for the SMTP_BLOCK option. That option does not block access from root. So, the firewall should never block any connections to the localhost IP. Further, /var/run/dovecot/lmtp is a unix socket which should have nothing at all to do with iptables.

[acenetgeorge]

That's what I thought... I was really struggling with this. Thank you so much!