Hello,
We are unable to reach the websites on the server when csf is enabled. Upon checking, the ip is not blocked as per lfd.log. However "/var/log/messages" has full of similar messages as below:.
--------------------------------------------------
Sep 10 05:14:59 eeg kernel: [2144786.604936] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=fa:16:3e:a8:d8:45:00:1c:73:57:7f:c5:08:00 SRC=185.81.xxx.xxx DST=yyy.yyy.23.46 LEN=60 TOS=0x08 PREC=0x20 TTL=47 ID=36972 DF PROTO=TCP SPT=58396 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Sep 10 05:15:03 eeg kernel: [2144790.948329] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=fa:16:3e:a8:d8:45:00:1c:73:57:7b:97:08:00 SRC=185.81.xxx.xxx DST=yyy.yyy.23.46 LEN=60 TOS=0x08 PREC=0x20 TTL=47 ID=61953 DF PROTO=TCP SPT=40971 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
-------------------------------------------------
As you can see, for some reasons, the incoming connections are being dropped. If I disable the csf firewall, the problem stops.
OS: CentOS release 6.8
cPanel: 11.58.0.27
I am not sure what parameter to tweak. Both connection tracker and synflood is disabled.
Any suggestions is appreciated.
Abdul.
CSF dropping connections
Re: CSF dropping connections
Check the following:
ETH_DEVICE_SKIP = eth0
ETH_DEVICE_SKIP = eth0
Re: CSF dropping connections
Hi,
Thank you for your reply.
Would adding "ETH_DEVICE_SKIP = eth0" stop all the purpose of CSF?. Will the brute force and other connections checking will work after adding that?.
Abdul
Thank you for your reply.
Would adding "ETH_DEVICE_SKIP = eth0" stop all the purpose of CSF?. Will the brute force and other connections checking will work after adding that?.
Abdul