The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

iptables Issues

Discussion in 'General Discussion' started by johnchristy, Mar 26, 2014.

  1. johnchristy

    johnchristy Active Member

    Joined:
    Mar 7, 2014
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi guys

    I already posted this n CSF forum but didnt get any reply.

    I'm using Centos 5.10 with latest CSF installed. Yesterday I did some changes from UI. I only changed SU/SSH login alerts set to root and it was working great for like 6 hours. Today when I saw my mail box I got around 50 mails with this

    ===
    lfd failed @ Wed Mar 26 06:55:41 2014. A restart was attempted automagically.
    ===

    Then I quickly checked few things, but I was getting these errors :

    >> tail /var/log/lfd.log

    ===
    centos *Error* LF_DAEMON not enabled in /etc/csf/csf.conf, at line 70
    ===

    iptables

    ===
    Error: (iptables binary location) does not exist!, at line 41
    ===

    So I had to contact my host and they said iptables crashed and they stopped iptables and I was able to SSH again. So what I did was I re-installed CSF.

    But now When i start iptables I'm getting

    ===
    root@123[~/csf]# service csf start
    Starting csf:iptables v1.3.5: Unknown arg `-j'
    Try `iptables -h' or 'iptables --help' for more information.
    ===

    When I checked /etc/sysconfig/iptables it shows last line

    ==
    -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
    ==

    Should I remove this line? Again started to getting this same LFD alerts. So I stopped LFD for now.


    I need some help here to narrow down this issue

    Thank you in advance

    Additional detail : now when I start csf, my httpd going down

    Outage reason: name lookup timed out

    if I stop csf then httpd is up
     
  2. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    I am NOT a IPTables expert AT ALL, but since no one responded I thoguht i would at least tell you that I don't have it in mine and from a quick Google search it doesn't look very productive, but someone else might chime in on that part, but above that do you have the accept lines, like

    -A cP-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

    Also is this on a VPS? I know by setting up a bunch of servers we use fro VPS's that we always have to do extra configurations on IPTables to get everything in CSF to work.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    This seems like an issue isolated to CSF itself. You may want to review this post on their forums:

    ConfigServer Community Forum - VPS iptables problems

    Thank you.
     
Loading...

Share This Page