elenlace

Well-Known Member
Sep 10, 2002
101
0
166
US
Hi,

I was wondering if anyone knows if it is possible to remove / disable iptables and just the firewall part of CSF. I like CSF very much but I have been having reocurring problems on most of my servers these past few weeks as suddenly some ports become unaccesible, is a random thing and nothing particular shows up in the logs, it seems under a very minor port scanning iptables goes crazy and disables ports such as 22 (SSH), 2082, 2095 and 2086-2087 (cpanel, webmail, WHM).

I know iptables is the culprit as yesterday one of my servers had ports 21,25,80,110 working fine but all the other mentioned ports were inaccesible, a tech at my DC went in, turned down iptables and suddenly all ports were available.

I want to go back to APF for firewall and just keep CSF for the brute attack protection and some other features (connections monitoring, process monitoring, etc).

Any help is greatly appreciated (Chirpy maybe? :=)

Warmest Regards
 

mctDarren

Well-Known Member
Jan 6, 2004
665
9
168
New Jersey
cPanel Access Level
Root Administrator
CSF and APF are only front-ends to iptables. They are scripts that feed it rules. iptables is the firewall, if you disable it then APF will not work. If a tech at your DC actually turned OFF iptables it might be time to find a new DC. If they just flushed it out then you need to find why and what is adding those ports to the firewall.

Do you have portsentry installed on the box perhaps?