The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Issue Installing CSF

Discussion in 'General Discussion' started by Contemplator, May 23, 2017.

Tags:
  1. Contemplator

    Contemplator Member

    Joined:
    May 23, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nairobi, Kenya
    cPanel Access Level:
    Root Administrator
    Hi,

    I got the following error while installing CSF.

    Code:
    Testing ip_tables/iptable_filter...OK
    Testing ipt_LOG...OK
    Testing ipt_multiport/xt_multiport...OK
    Testing ipt_REJECT...OK
    Testing ipt_state/xt_state...FAILED [FATAL Error: iptables: No chain/target/match by that name.] - Required for csf to function
    Testing ipt_limit/xt_limit...OK
    Testing ipt_recent...OK
    Testing xt_connlimit...FAILED [Error: iptables: No chain/target/match by that name.] - Required for CONNLIMIT feature
    Testing ipt_owner/xt_owner...OK
    Testing iptable_nat/ipt_REDIRECT...FAILED [Error: iptables v1.4.14: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for MESSENGER feature
    Testing iptable_nat/ipt_DNAT...FAILED [Error: iptables v1.4.14: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for csf.redirect feature
    
    RESULT: csf will not function on this server due to FATAL errors from missing modules [1]
    
    I have tried various root commands from other threads, like:
    1. Issue in Installing csf in cPanel, by NaveenT20, Nov 16, 2015
      • Code:
        # modprobe iptables_module
        FATAL: Module iptables_module not found.
        # lsmod
        Module                  Size  Used by
        # cd /etc/sysconfig/modules/
        [/etc/sysconfig/modules]# ls
        ./  ../
        #cat /proc/sys/net/ipv4/ip_forward
        0
        
        
    2. replace centos 6.x iptables
      • Nothing Changed
    3. Installation CSF Firewall on CentOS 5 and 6 - Knowledgebase
      • Nothing Changed after perl -MCPAN -e 'install Bundle::LWP' finished compiling

    I also tried manually adding the modules in iptables-config, but it refused to start.
    I also tried downloading the iptables (1.6.1, 1.4.20 and 1.4.14), ./configure, make and make install. Nothing changed.

    Code:
    /etc/centos-release:CentOS release 6.9 (Final)
    /usr/local/cpanel/version:11.64.0.21
    /var/cpanel/envtype:
    Kernel Version : 2.6.32-042stab093.4
    
    Note: Server is not OpenVZ (so vz commands do not exist)
    Note: GoDaddy VPS (with default CentOS + CPanel)

    The server holds several active email accounts, so reinstalling the OS and CPanel is not an option.

    Thanks.

    I also tried Iptables Basic Guide:

    Code:
    # cat /boot/config-2.6.32-042stab093.4 | grep -i "CONFIG_IP_NF"
    cat: /boot/config-2.6.32-042stab093.4: No such file or directory
    # rpm -qa | grep iptables
    iptables-1.4.7-16.el6.x86_64
    iptables-ipv6-1.4.7-16.el6.x86_64
    # rpm -Uvh iptables-1.4.7-16.el6.x86_64.rpm
    error: open of iptables-1.4.7-16.el6.x86_64.rpm failed: No such file or directory
    # yum install iptables
    Loaded plugins: fastestmirror
    Setting up Install Process
    Loading mirror speeds from cached hostfile
     * cpanel-addons-production-feed: 104.219.172.10
     * base: centos-distro.cavecreek.net
     * extras: repos-lax.psychz.net
     * updates: dist1.800hosting.com
    Package iptables-1.4.7-16.el6.x86_64 already installed and latest version
    Nothing to do
    
     
    #1 Contemplator, May 23, 2017
    Last edited by a moderator: May 23, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,173
    Likes Received:
    1,295
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I recommend posting to the CSF support forums for help installing their software:

    General Discussion (csf) - ConfigServer Community Forum

    You may also want to reach out to your VPS hosting provider to see if they can help install the missing iptables modules from the hardware node.

    Thank you.
     
  3. Contemplator

    Contemplator Member

    Joined:
    May 23, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nairobi, Kenya
    cPanel Access Level:
    Root Administrator
    I signed up on the CSF forum, and their welcome message is that they rarely check questions. So I asked here hoping to get an answer sooner. Thanks for your quick reply.

    I will post the question on CSF and open the GoDaddy ticket.
     
  4. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,405
    Likes Received:
    53
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    It appears your VPS is not pushed with the required module. What is the Kernel version on your server. You said that it is not OpenVZ server. Please note, vz command only works on Node and not on the VPS inside it. I doubt that it is an OpenVZ VPS because in the command list you also searched something in /boot/*042stab093.4* and stab thing is always noted in the OpenVZ kernel.

    What is the output of the below command in your VPS?
    # uname -r
    # ifconfig

    Xen, KVM does not impose any such restriction, only OpenVZ does, so VPS has to be an OpenVZ container.
     
  5. Contemplator

    Contemplator Member

    Joined:
    May 23, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nairobi, Kenya
    cPanel Access Level:
    Root Administrator
    My system:
    Code:
    /version /var/cpanel/envtype ; grep CPANEL= /etc/cpupdate.conf
    /etc/redhat-release:CentOS release 6.9 (Final)
    /usr/local/cpanel/version:11.64.0.22
    /var/cpanel/envtype:virtuozzo
    CPANEL=stable
    I'm sure it's not OpenVZ, because I just installed Let's Encrypt and it's affecting CPanel directly. Also VZ files like vz-scripts or vz.conf do not exist.

    Your queries:
    Code:
    #uname -r
    2.6.32-042stab093.4
    # ifconfig
    eth0      Link encap:Ethernet  HWaddr ##:##:##:##:##:## 
              inet addr:###.###.###.###  Bcast:###.###.###.###  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:3722028 errors:0 dropped:0 overruns:0 frame:0
              TX packets:3531314 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:554294495 (528.6 MiB)  TX bytes:523861182 (499.5 MiB)
    
    eth0:0    Link encap:Ethernet  HWaddr ##:##:##:##:##:## 
              inet addr:###.###.###.###  Bcast:###.###.###.###  Mask:255.255.255.255
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    
    eth0:1    Link encap:Ethernet  HWaddr ##:##:##:##:##:## 
              inet addr:###.###.###.###  Bcast:###.###.###.###  Mask:255.255.255.255
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    
    lo        Link encap:Local Loopback 
              inet addr:127.0.0.1  Mask:255.0.0.0
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:4266835 errors:0 dropped:0 overruns:0 frame:0
              TX packets:4266835 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:598175192 (570.4 MiB)  TX bytes:598175192 (570.4 MiB)
     
  6. Patrick Heinz

    Patrick Heinz Active Member

    Joined:
    Mar 14, 2015
    Messages:
    32
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Brasil
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Here's a post from 2013, but maybe it helps.

    itofy.com/other-stuff/openvz-iptables-csf-error-fix/
     
    #6 Patrick Heinz, May 25, 2017
    Last edited by a moderator: May 25, 2017
  7. Contemplator

    Contemplator Member

    Joined:
    May 23, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nairobi, Kenya
    cPanel Access Level:
    Root Administrator
    Thank you for your contribution, Patrick.

    However, if you look through my original post, you will notice that I have tried everything on that link.
    1. lsmod returns empty, so grep will be useless
    2. module folder is empty, so modprobe will be useless
    3. This is not an OpenVZ container, so vz.conf and vzctl do not exist
     
Loading...

Share This Page