Hi, when I add an ip address on csf.deny, the blocked ip address can still access the server ip address. I went back to the default csf settings but it didn't fix it. Firewalld is disabled, what could be causing this problem? I'm waiting for your help.
CSF Doesn't Block
- Thread starter Kerem
- Start date
sahostking
Verified User
We have the same issue - I however reinstalled CSF now and I am monitoring server. Its very strange.
and do see them in iptables
[root@rs-2-da domains]# iptables -n -L | grep 45.82.81.225
DROP all -- 45.82.81.225 0.0.0.0/0
LOGDROPOUT all -- 0.0.0.0/0 45.82.81.225
# Warning: iptables-legacy tables present, use iptables-legacy to see them
and do see them in iptables
[root@rs-2-da domains]# iptables -n -L | grep 45.82.81.225
DROP all -- 45.82.81.225 0.0.0.0/0
LOGDROPOUT all -- 0.0.0.0/0 45.82.81.225
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Richard G
Verified User
Might point out that you're using a mix of nftables and iptables. I've encountered this once when I set up an Centos 8 or Debian server, not sure anymore.
I just disabled nftables and then removed them via yum, same is possible via apt if I'm correct.
I've found a page (for Debian) which also gives commands to revert.
nftables - Debian Wiki
sahostking
Verified User
thanks
ran the following now on cloudlinux 8
yum remove nftables -y
then
yum install iptables -y
then
ipset was acting funny so
yum reinstall ipset -y
csf -ra
now monitoring it further but still get the following:
# Warning: iptables-legacy tables present, use iptables-legacy to see them
ran the following now on cloudlinux 8
yum remove nftables -y
then
yum install iptables -y
then
ipset was acting funny so
yum reinstall ipset -y
csf -ra
now monitoring it further but still get the following:
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Richard G
Verified User
Hmz... odd... Just to be sure I went and tested this on my Almalinux 8 server, but I don't get that line when restarting csf with the csf -ra command.
However I don't use either ipset or Cloudlinux, so I'm not sure if that could have something to do with it.
I presume you also have installed these two.
iptables-ebtables.x86_64
iptables-libs.x86_64
If so, I don't know what can be happening, but I will follow this thread, maybe somebody finds something and this issue makes me curious anyway.
However I don't use either ipset or Cloudlinux, so I'm not sure if that could have something to do with it.
I presume you also have installed these two.
iptables-ebtables.x86_64
iptables-libs.x86_64
If so, I don't know what can be happening, but I will follow this thread, maybe somebody finds something and this issue makes me curious anyway.
woktron
Verified User
- Joined
- Jul 2, 2019
- Messages
- 69
Have you disabled test mode?
Is this a virtual machine? Is so, what virtualization?
Please provide the output of
We have a few servers with the same iptables-legacy tables present warning - which is only output when entering
Is this a virtual machine? Is so, what virtualization?
Please provide the output of
Code:
lsmodWe have a few servers with the same iptables-legacy tables present warning - which is only output when entering
iptables -n -L but not when entering csf -ra. In any case, CSF is blocking IPs just fine. It is my understanding that this error can be safely ignored.
Richard G
Verified User
Ah there is the trick. Indeed on our Almalinux 8 server, when issuing that command, it's also showing this iptables-legacy notice.
timmerdanny
Verified User
- Joined
- Apr 2, 2014
- Messages
- 14
I had the same issue. Problem was that the website itself was routed through CloudFlare. The IP was blocked but CloudFlare acting like reverse proxy doesn't block the connection.