johnchristy

Active Member
Mar 7, 2014
28
0
1
cPanel Access Level
Root Administrator
Hi guys

I already posted this n CSF forum but didnt get any reply.

I'm using Centos 5.10 with latest CSF installed. Yesterday I did some changes from UI. I only changed SU/SSH login alerts set to root and it was working great for like 6 hours. Today when I saw my mail box I got around 50 mails with this

===
lfd failed @ Wed Mar 26 06:55:41 2014. A restart was attempted automagically.
===

Then I quickly checked few things, but I was getting these errors :

>> tail /var/log/lfd.log

===
centos *Error* LF_DAEMON not enabled in /etc/csf/csf.conf, at line 70
===

iptables

===
Error: (iptables binary location) does not exist!, at line 41
===

So I had to contact my host and they said iptables crashed and they stopped iptables and I was able to SSH again. So what I did was I re-installed CSF.

But now When i start iptables I'm getting

===
[email protected][~/csf]# service csf start
Starting csf:iptables v1.3.5: Unknown arg `-j'
Try `iptables -h' or 'iptables --help' for more information.
===

When I checked /etc/sysconfig/iptables it shows last line

==
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
==

Should I remove this line? Again started to getting this same LFD alerts. So I stopped LFD for now.


I need some help here to narrow down this issue

Thank you in advance

Additional detail : now when I start csf, my httpd going down

Outage reason: name lookup timed out

if I stop csf then httpd is up
 

rhenderson

Well-Known Member
Apr 21, 2005
783
2
168
Oklahoma
cPanel Access Level
Root Administrator
I am NOT a IPTables expert AT ALL, but since no one responded I thoguht i would at least tell you that I don't have it in mine and from a quick Google search it doesn't look very productive, but someone else might chime in on that part, but above that do you have the accept lines, like

-A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

Also is this on a VPS? I know by setting up a bunch of servers we use fro VPS's that we always have to do extra configurations on IPTables to get everything in CSF to work.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,225
463