CSF on AlmaLinux 8.5

Z

zsupport

New member
Joined
Apr 14, 2017
Messages
2
Hi All,

We just installed directadmin on AlmaLinux 8.5 and as bonus from the custombuild 2 we got already csf, nice. Saves us installing it manual.

Unfortunately we noticed that csf 14.15 does not work properly on Almalinx 8.5 on 8.4 it works without issues. Problem is that the denyin, out allow in/out tables are not populated.

On 8.4 iptables -nvL | grep <blockedip> will show ip rules on 8.5 its empty.

After some digging with nft and iptables I found on 8.4 iptables to add nft type tables without issues. On 8.5 iptabels does not.

nft list ruleset on 8.4 gives the same ruleset as with the iptables -nvL with tables correctly filled. On 8.5 the tables won't fill but the csf.deny will nicely report the blocked ips.

Probably its needed to get csf upstream fixed for almalinix 8.5 and probably other variants. But maybe someone has seen it and has a fix?

Regards
 
I had it running on AlmaLinux 8.5 since the beginning without any issues.
Also the command you're stating is giving the correct output here.

However, we did disable the nftables service. So all is working via the iptables service.

When using CSF/LFD it's better anyway to disable the iptables and iptables6 services (or nftables) to prevent conflicts.
So just disable these services and you should be fine because CSF will run them for you.
 
Hi Richard,

We only use the csf/lfd services. iptables, nftables or even firewalld are all disabled. So there should be no conflict with any of them. Its a fresh install. With the 8.4 updated version we do not have this issue. Also same kernel mods are loaded. Its just strange the denyin/denyout tables are not populated correctly. Also the lfd log does not show any issues / errors.

Regards
 
Hello.

Since we both have 8.5 it seems the only difference between us is that I upgraded from Centos 8.5 to Almalinux 8.5 a little while ago.
Maybe something of Centos 8 is left which is used by CSF, since the commands don't give any issues on my 8.5 system.

zsupport said:
Probably its needed to get csf upstream fixed for almalinix 8.5
Click to expand...
Since it's a fresh Almalinux 8.5 install and it works on Almalinux 8.4 maybe it's a good idea to ask over at the CSF support forums?

I just found another odd issue on the support forums happening with Almalinux 8.5:

Maybe if you post your issue there too (in a seperate thread) the CSF devs might have a look at it a bit quicker.

Would be nice if anybody else with a fresh Almalinux 8.5 could check this and report if they also have this issue or not.
 
Richard G said:
I just found another odd issue on the support forums happening with Almalinux 8.5:
Strange behaviour on AlmaLinux 8.5 - Network Latency - ConfigServer Community Forum
Click to expand...
We had the same ( network spikes/ slow) after hoster moved to their other network location centos7, they then say to us it is our csf part and config.
We had to disable our country blocks then in csf , discussion closed whatever we did bring in. While after that the network problem was over.

( as they quick located that the network problem was there , i suspect they know , only hmm before at other network location is was no problem, but maybe that other network location did had less visitors from those country's ( i never found out, while there where no logs from that time, and also don't know where to look for it)

They told much ip's in list do that, and pointed out to docs csf about it.

Or the way it lookup the ip's for the country lists

So don't know a combination with the network you are in and csf settings for those, depending on hoster.

While it did worked years with no problems at their other network location!


But is other problem offtopic here , just to name it if someone find it with search.
 
Last edited:
You must log in or register to reply here.
Back
Top