The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bad things happen with my CFS and CPANEL!

Discussion in 'General Discussion' started by rohit09, Dec 18, 2010.

  1. rohit09

    rohit09 Well-Known Member

    Joined:
    Dec 10, 2010
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Look!
    This is starter - I install cPanel and I install CSF net. on defaults mode I just active my CSF..

    That's it..

    Now my clients and even me - can't access the CSF. Some of CSF users and forums told me to Flush the CSF! I delete the csf.deny file.. But it show it your CSF enable but Stop. so.. Again I start Googleing and get - deactive my CSF and make it active again.. I did..

    Code:
    Error: Could not open /etc/csf/csf.deny: No such file or directory, at line 1101
    
    
    ...Done.
    
    Restarting lfd...
    
    Stopping lfd:[FAILED]
    [  OK  ]
    Starting lfd:
    Error: You have an unresolved error when starting csf. You need to restart csf successfully before starting lfd
    [  OK  ]
    
    
    ...Done.
    Still my CSF stop. And I know if I install it again and active it.. It's going to my SERVER offline.. After server offline I used every thing VPN, Proxy, gotossh everything but fail!

    So plz Give me a good solution where I can enable CSF and it will be working good! :)

    Thank you.
     
    #1 rohit09, Dec 18, 2010
    Last edited: Dec 18, 2010
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,476
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You shouln't delete the file, thats why you have this error. You'll need to replace that file and then read up on using CSF properly. ConfigServer does offer installation for a fee I believe, you might like to look into that.
     
  3. twhiting9275

    twhiting9275 Well-Known Member

    Joined:
    Sep 26, 2002
    Messages:
    538
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    how to fix this? Quite simple. As root (in ssh):
    Code:
    touch /etc/csf/csf.deny
    service csf restart
    
    Not sure why you had it removed in the first place?
    What they (probably) meant by 'flush csf' is this
    Code:
    service csf restart
    
    or if you REALLY want to remove the bad people, do this:
    Code:
    rm -rf /etc/csf/csf.deny
    touch /etc/csf/csf.deny
    service csf restart
    service lfd restart
    
     
  4. rohit09

    rohit09 Well-Known Member

    Joined:
    Dec 10, 2010
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Re: Bad things happen with my CSF and CPANEL!

    See my iptables module test

    Now see my CSF restart result
    Code:
    Restarting csf...
    
    Flushing chain `INPUT'
    Flushing chain `FORWARD'
    Flushing chain `OUTPUT'
    Flushing chain `acctboth'
    Deleting chain `acctboth'
    Restarting bandmin acctboth chains for cPanel
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:67 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:67 
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:68 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:68 
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:111 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:111 
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:113 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:113 
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpts:135:139 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpts:135:139 
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:445 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:445 
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:513 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:513 
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:520 
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:520 
    LOG  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* ' 
    LOG  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_OUT Blocked* ' 
    LOG  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_IN Blocked* ' 
    LOG  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *UDP_OUT Blocked* ' 
    LOG  icmp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_IN Blocked* ' 
    LOG  icmp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *ICMP_OUT Blocked* ' 
    DROP  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  
    DROP  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  
    INVDROP  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  state INVALID 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x3F/0x00 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x3F/0x3F 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x03/0x03 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x06/0x06 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x05/0x05 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x11/0x01 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x18/0x08 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:0x30/0x20 
    INVDROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp flags:!0x17/0x02 state NEW 
    DROP  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  
    INVALID  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  
    INVALID  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  
    DROP  all opt -- in !lo out *  186.9.112.106  -> 0.0.0.0/0  
    DROP  all opt -- in * out !lo  0.0.0.0/0  -> 186.9.112.106  
    DROP  all opt -- in !lo out *  67.159.22.158  -> 0.0.0.0/0  
    DROP  all opt -- in * out !lo  0.0.0.0/0  -> 67.159.22.158  
    DROP  all opt -- in !lo out *  119.196.21.224  -> 0.0.0.0/0  
    DROP  all opt -- in * out !lo  0.0.0.0/0  -> 119.196.21.224  
    ACCEPT  all opt -- in !lo out *  117.194.4.54  -> 0.0.0.0/0  
    ACCEPT  all opt -- in * out !lo  0.0.0.0/0  -> 117.194.4.54  
    ACCEPT  all opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state RELATED,ESTABLISHED 
    ACCEPT  all opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state RELATED,ESTABLISHED 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:20 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:21 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:22 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:25 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:53 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:80 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:110 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:143 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:443 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:465 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:587 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:993 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:995 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2077 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2078 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2082 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2083 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2086 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2087 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2095 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2096 
    ACCEPT  tcp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpts:30000:50000 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:20 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:21 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:22 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:25 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:37 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:43 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:53 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:80 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:110 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:113 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:443 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:587 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:873 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2087 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2089 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW tcp dpt:2703 
    ACCEPT  udp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:20 
    ACCEPT  udp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:21 
    ACCEPT  udp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:53 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:20 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:21 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:53 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:113 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:123 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:873 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  state NEW udp dpt:6277 
    ACCEPT  icmp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  icmp type 8 limit: avg 1/sec burst 5 
    ACCEPT  icmp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  icmp type 0 
    ACCEPT  icmp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  icmp type 8 
    ACCEPT  icmp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  icmp type 0 limit: avg 1/sec burst 5 
    ACCEPT  icmp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  icmp type 11 
    ACCEPT  icmp opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  icmp type 3 
    ACCEPT  icmp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  icmp type 11 
    ACCEPT  icmp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  icmp type 3 
    ACCEPT  udp opt -- in !lo out *  208.67.222.222  -> 0.0.0.0/0  udp spt:53 dpt:53 
    ACCEPT  tcp opt -- in !lo out *  208.67.222.222  -> 0.0.0.0/0  tcp spt:53 dpts:1024:65535 
    ACCEPT  udp opt -- in !lo out *  208.67.222.222  -> 0.0.0.0/0  udp spt:53 dpts:1024:65535 
    ACCEPT  tcp opt -- in !lo out *  208.67.222.222  -> 0.0.0.0/0  tcp spts:1024:65535 dpt:53 
    ACCEPT  udp opt -- in !lo out *  208.67.222.222  -> 0.0.0.0/0  udp spts:1024:65535 dpt:53 
    ACCEPT  udp opt -- in !lo out *  208.67.222.220  -> 0.0.0.0/0  udp spt:53 dpt:53 
    ACCEPT  tcp opt -- in !lo out *  208.67.222.220  -> 0.0.0.0/0  tcp spt:53 dpts:1024:65535 
    ACCEPT  udp opt -- in !lo out *  208.67.222.220  -> 0.0.0.0/0  udp spt:53 dpts:1024:65535 
    ACCEPT  tcp opt -- in !lo out *  208.67.222.220  -> 0.0.0.0/0  tcp spts:1024:65535 dpt:53 
    ACCEPT  udp opt -- in !lo out *  208.67.222.220  -> 0.0.0.0/0  udp spts:1024:65535 dpt:53 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  udp spt:53 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  tcp spt:53 
    ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:53 
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:53 
    ACCEPT  all opt -- in lo out *  0.0.0.0/0  -> 0.0.0.0/0  
    ACCEPT  all opt -- in * out lo  0.0.0.0/0  -> 0.0.0.0/0  
    LOGDROPOUT  all opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  
    LOGDROPIN  all opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  
    Restarting bandmin acctboth chains for cPanel
    acctboth  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  
    acctboth  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  
    acctboth  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  
    acctboth  all opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  
    LOCALOUTPUT  all opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0  
    LOCALINPUT  all opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0  
    *WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
    
    
    ...Done.
    I do
    Code:
    TCP_IN = 20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,30000:35000
    Also fix as
    Code:
    PassivePortRange	30000 35000
    they said.. I do all.. Even after setup all these I restart CSF and FTP Server (ProFTPd/PureFTPd) both... Even I restart my VPS

    But still I got problem with FTP. use PASV and errors stuffs like that!

    When I stop the CSF it will fix automatically... and start my FTP as well. :eek:

    Now tell me what to do! :confused: :(

    Thank You..
     
  5. twhiting9275

    twhiting9275 Well-Known Member

    Joined:
    Sep 26, 2002
    Messages:
    538
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    You need to get CSF support at their forums, this is a cPanel forum!!!
     
  6. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    CSF is a third-party product that is neither developed nor supported by cPanel. Your best resource for assistance with CSF will be ConfigServer's own support options. The following page offers support contact information for ConfigServer:

    Way to the Web Technical Support
     
Loading...

Share This Page