Firewall Status: Enabled but Stopped (centOS 8)

Networkfa

Verified User
Joined
Mar 20, 2019
Messages
14
Code:
# systemctl status csf
● csf.service - ConfigServer Firewall & Security - csf
   Loaded: loaded (/usr/lib/systemd/system/csf.service; enabled; vendor preset: disabled)
   Active: active (exited) since Tue 2019-10-01 14:56:16 +0330; 45min ago
  Process: 1050 ExecStart=/usr/sbin/csf --initup (code=exited, status=0/SUCCESS)
 Main PID: 1050 (code=exited, status=0/SUCCESS)

Oct 01 14:56:14 c8da.networkfa.net systemd[1]: Starting ConfigServer Firewall & Security - csf...
Oct 01 14:56:16 c8da.networkfa.net csf[1050]: (restoring iptables) (restoring ip6tables)
Oct 01 14:56:16 c8da.networkfa.net systemd[1]: Started ConfigServer Firewall & Security - csf.
 
Hello,

I believe you will get more likely a reply if you post your question on CSF/LFD forums or contact the developers directly.
 
same here:
[root@server1 ~]# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server
[root@server1 ~]#

I will check and keep you updated
 
I have no issue on my CentOS 8 server:

Code:
# cat /etc/redhat-release
CentOS Linux release 8.0.1905 (Core)
#
# systemctl status csf
● csf.service - ConfigServer Firewall & Security - csf
   Loaded: loaded (/usr/lib/systemd/system/csf.service; enabled; vendor preset: disabled)
   Active: active (exited) since Mon 2019-09-30 14:52:36 +07; 3 days ago
 Main PID: 688 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 24036)
   Memory: 0B
   CGroup: /system.slice/csf.service


Sep 30 14:52:31 intoda.poralix.net systemd[1]: Starting ConfigServer Firewall & Security - csf...
Sep 30 14:52:36 intoda.poralix.net csf[688]: (restoring ipsets) (restoring iptables) (restoring ip6tables)
Sep 30 14:52:36 intoda.poralix.net systemd[1]: Started ConfigServer Firewall & Security - csf.


Anyway whatever your issue is caused by hardly is it related to DirectAdmin at all. The CSF/LFD is a 3rd party software and is not managed by DA.
 
I have no issue on my CentOS 8 server:

Code:
# cat /etc/redhat-release
CentOS Linux release 8.0.1905 (Core)
#
# systemctl status csf
● csf.service - ConfigServer Firewall & Security - csf
   Loaded: loaded (/usr/lib/systemd/system/csf.service; enabled; vendor preset: disabled)
   Active: active (exited) since Mon 2019-09-30 14:52:36 +07; 3 days ago
 Main PID: 688 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 24036)
   Memory: 0B
   CGroup: /system.slice/csf.service


Sep 30 14:52:31 intoda.poralix.net systemd[1]: Starting ConfigServer Firewall & Security - csf...
Sep 30 14:52:36 intoda.poralix.net csf[688]: (restoring ipsets) (restoring iptables) (restoring ip6tables)
Sep 30 14:52:36 intoda.poralix.net systemd[1]: Started ConfigServer Firewall & Security - csf.


Anyway whatever your issue is caused by hardly is it related to DirectAdmin at all. The CSF/LFD is a 3rd party software and is not managed by DA.

check it from the Directadmin csf plugin
 
OK, I see. Anyway it does not change anything. The plugin for DirectAdmin is written by CSF/LFD developers, and it's up to them to fix it, I'd rather say.
 
On my CentOS 8 server it is dead also when I check by command line:

Code:
[root@server~]# systemctl status csf.service
? csf.service - ConfigServer Firewall & Security - csf
   Loaded: loaded (/usr/lib/systemd/system/csf.service; enabled; vendor preset: disabled)
   Active: inactive (dead)
[root@server~]#

But testing show now errors:

Code:
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server

Edit: The problem was solved by doing "systemctl restart csf.service" on command line (it was not enough to start it, so it is a bug, and the work around is to do a restart of csf in command line. Now it looks good:

systemctl restart csf.service

Code:
[root@server ~]# systemctl status csf.service
? csf.service - ConfigServer Firewall & Security - csf
   Loaded: loaded (/usr/lib/systemd/system/csf.service; enabled; vendor preset: disabled)
   Active: active (exited) since Thu 2019-10-10 17:53:36 CEST; 36s ago
  Process: 17980 ExecStart=/usr/sbin/csf --initup (code=exited, status=0/SUCCESS)
 Main PID: 17980 (code=exited, status=0/SUCCESS)
 
Last edited:
Hello All,

In my CSF, I also have this issue when I upgraded the CentOS 8 on 2nd Oct 2019.

ConfigServer Security & Firewall - csf v13.07
Firewall Status: Enabled but Stopped

Currently, is it waiting for the CSF updates? Thanks
 
Hello All,

In my CSF, I also have this issue when I upgraded the CentOS 8 on 2nd Oct 2019.

ConfigServer Security & Firewall - csf v13.07
Firewall Status: Enabled but Stopped

Currently, is it waiting for the CSF updates? Thanks

Same here. Waiting for an update, since everything works fine.
 
I can also confirm it is fixed in 13.08, however it still is a little buggy. If you restart csf in shell command line, then it will show it as "Firewall Status: Enabled but Stopped" in GUI. Then you must click "Start" in GUI, and it will show correctly as running.
 
Back
Top