Results 1 to 6 of 6

Thread: CSF on vz vps

  1. #1
    Join Date
    Apr 2009
    Location
    CA
    Posts
    54

    CSF on vz vps

    Hello,
    i wanted to install CSF for one of my VPS customers and i did exact thing is this page :
    http://www.sherin.co.in/csf-lfd-fire...tuozzo-openvz/

    and another forum page in lxlabs (same as the link above)

    and this is the result of the CSF test script (perl /etc/csf/csftest.pl)

    Testing ip_tables/iptable_filter...OK
    Testing ipt_LOG...OK
    Testing ipt_multiport/xt_multiport...OK
    Testing ipt_REJECT...OK
    Testing ipt_state/xt_state...OK
    Testing ipt_limit/xt_limit...OK
    Testing ipt_recent...FAILED [Error: iptables: Unknown error 4294967295] - Required for PORTFLOOD feature
    Testing ipt_owner...OK
    Testing iptable_nat/ipt_REDIRECT...FAILED [Error: iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)] - Required for MESSENGER feature

    RESULT: csf will function on this server but some features will not work due to some missing iptables modules [2]


    But i can not run CSF , if i start CSF it will block all the connections
    can anyone please help me on this?

  2. #2
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    Please refer the following post , seems that you are facing the same issue

    http://www.webhostingtalk.com/showth...support&page=2


    And let us know if you need any further help on this
    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

  3. #3
    Join Date
    Apr 2009
    Location
    CA
    Posts
    54
    that did not help

  4. #4
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    Confirm the following modules are installed correctly in the Main Vps

    ipt_recent
    ipt_owner
    iptable_nat
    ipt_redirect

    After that reboot the vps node
    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

  5. #5
    Join Date
    Apr 2009
    Location
    CA
    Posts
    54
    how to install?
    ipt_owner is installed
    others not
    how can i install them?

  6. #6
    Join Date
    Jun 2003
    Location
    World Wide Web
    Posts
    581
    csf requires at least these iptables modules in the main node

    ip_tables
    ipt_state
    ipt_multiport
    iptable_filter
    ipt_limit
    ipt_LOG
    ipt_REJECT
    ipt_conntrack
    ip_conntrack
    ip_conntrack_ftp
    iptable_mangle


    Other modules where available for additional functionality:

    ipt_owner
    ipt_recent
    iptable_nat
    ipt_REDIRECT


    you can confirm this using

    # lsmod |grep -i <module-name>

    If its not installed you can install this using

    modprob ipt_conntrack



    You can test whether they have fixed the environment by running:

    /etc/csf/csftest.pl


    If its not fixed your issue then Do the following on the openvz node:

    1. /sbin/iptables -F

    2. Edit /etc/sysconfig/iptables-config

    IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp ip_conntrack_ftp ipt_conntrack ip_tables ip_conntrack_netbios_ns"


    3.Edit /etc/sysconfig/vz

    IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp ip_conntrack_ftp ipt_conntrack ip_tables ip_conntrack_netbios_ns"


    4. Issue these commands from the console:

    service vz stop

    service iptables restart

    service vz start

    Make necessary backup's before editing any files


    Try to start csf now

    SupportExpertz.com - the name says it all!
    Managed Cloud Servers
    Server Management and Monitoring
    24x7 outsourced customer support

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •