Search found 7 matches

Search found 7 matches Page 1 of 1
by getup
15 Dec 2018, 11:29
Forum: General Discussion (csf)
Topic: OpenVPN, CSF and IPv6
Replies: 0
Views: 286

I am trying to setup OpenVPN with IPv6. This runs on a physical machine. - eth0 has a /64 configured. - tun0 has another /64 configured. Both are part of the same /48. - The physical machine is accessible over IPv6. It can also access the outside world. - A VPN client receives an IPv6 address and ca...
by getup
26 Jan 2018, 08:47
Forum: Suggestions (csf)
Topic: csfpost.sh doesn't use shebang
Replies: 1
Views: 850

It seems that csf runs csfpost.sh with sh instead of just using the shebang that was specified. This causes some unexpected behaviour if you need more logic in these files. I can only reproduce this on Ubuntu, CentOS has no problems. I've added the following code to csfpost.sh: #!/bin/bash if [ ! "$...
by getup
17 Sep 2017, 19:50
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 1617

One thing I forgot to add is that you need to disable Docker's interference with iptables. If you leave it on Docker will add rules for you.

On CentOS this would be in /etc/sysconfig/docker:
Code: Select all
OPTIONS=" -H unix:///var/run/docker.sock --ip-forward=true --iptables=false --ip-masq=true"
by getup
17 Sep 2017, 16:10
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 1617

I finally got around writing up a working set of firewall rules in combination with CSF. We have bundled it with our CSF Puppet module that is available on GitHub and the Puppet Forge. The script itself can be found here: https://github.com/sensson/puppet-csf/blob/master/templates/csf_docker.sh By d...
by getup
12 Jun 2017, 09:57
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 1617

I'm afraid it doesn't. We lose all connectivity once Docker restarts. The only solution we have is to restart Docker when that happens.
by getup
02 Jun 2017, 20:08
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 1617

Will ConfigServer Firewall support Docker hosts in the future? We'd like to firewall the hosts Docker runs on and it would be cool if this is possible from within CSF.
by getup
27 Dec 2013, 19:43
Forum: General Discussion (csf)
Topic: CSF reload doesn't include csfpost.sh
Replies: 1
Views: 928

In this case the topic title doesn't say it all. We've got a set up where we handle a number of rules through csfpost. Earlier today we noticed that the rules that are in that file were suddenly removed on one server. Just a minute ago, we noticed the same on another server. When I restart CSF the i...
Search found 7 matches Page 1 of 1