[SOLVED] How to stop CSF from removing my custom rules?

Posted: 04 Nov 2016, 03:21
by prixone
I have the following rules:

# vpn ip to specific server ip
iptables -t nat -A POSTROUTING -s 10.8.0.5/32 -j SNAT --to-source XXX.XXX.XXX.2
iptables -t nat -A POSTROUTING -s 10.8.0.9/32 -j SNAT --to-source XXX.XXX.XXX.3
iptables -t nat -A POSTROUTING -s 10.8.0.13/32 -j SNAT --to-source XXX.XXX.XXX.4
iptables -t nat -A POSTROUTING -s 10.8.0.17/32 -j SNAT --to-source XXX.XXX.XXX.5
iptables -t nat -A POSTROUTING -s 10.8.0.21/32 -j SNAT --to-source XXX.XXX.XXX.6
# Accept input on tun0
iptables -A INPUT -i tun0 -j ACCEPT
# vpn to vpn
iptables -A FORWARD -i tun0 -o tun0 -j ACCEPT
# vpn to ethernet
iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT
# ethernet to vpn
iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
# Accept output on tun0
iptables -A OUTPUT -o tun0 -j ACCEPT

Set in the file csfpre.sh, but after a certain amount of time CSF will simply remove these rules from my live iptables. How can I stop it from doing that? XXX is my actual IPs, which I removed for obvious reasons.

I further have the netblock 10.8.0.0 whitelisted.

I identified the issue by issuing an iptables-save before and after...

-- UPDATE

Just found this thread https://forum.configserver.com/viewtopi ... 931#p26857 which seems interesting, I will try that and report in case this happens again.
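
The before-and-after `iptables-save` comparison mentioned in the post above can be scripted so that dropped rules are listed per table. This is an added example, not code from the original thread or from CSF; the function names `missing_rules` and `demo` are hypothetical, both snapshots are constructed, and the 192.0.2.x addresses stand in for the masked XXX ones.

```shell
# missing_rules BEFORE AFTER: print "table: rule" for every -A rule that is in
# the earlier iptables-save dump but no longer in the later one (hypothetical helper).
missing_rules() {
    awk '
        FNR == 1  { table = "" }                    # new file: reset table context
        /^\*/     { table = substr($0, 2); next }   # table header such as *nat or *filter
        { sub(/^\[[0-9]+:[0-9]+\] /, "") }          # strip counters written by iptables-save -c
        !/^-A /   { next }                          # skip comments, chain policies, COMMIT
        FILENAME == ARGV[1] { after[table " " $0]++; next }   # first file is the later dump
        {
            key = table " " $0
            if (after[key] > 0) after[key]--        # rule still present, consume one copy
            else print table ": " $0                # rule was dropped
        }
    ' "$2" "$1"
}

# Constructed snapshots: rules loaded from csfpre.sh, then a later dump without them.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/before" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.5/32 -j SNAT --to-source 192.0.2.2
-A POSTROUTING -s 10.8.0.9/32 -j SNAT --to-source 192.0.2.3
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -i tun0 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -i tun0 -o eth0 -j ACCEPT
COMMIT
EOF
    cat > "$dir/after" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [12:840]
[5:300] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
    missing_rules "$dir/before" "$dir/after"
    rm -rf "$dir"
}

demo
```

On a live host the two inputs would be files written with `iptables-save > file` at the two points in time being compared.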

Re: How to stop CSF from removing my custom rules?

Posted: 23 Nov 2016, 02:36
by prixone
OK, took a while to verify this while waiting for an update to happen, but yes, this fixed the issue and rules are now properly being placed back in after an update.