Search found 6 matches

by getup
26 Jan 2018, 08:47
Forum: Suggestions (csf)
Topic: csfpost.sh doesn't use shebang
Replies: 1
Views: 3634

csfpost.sh doesn't use shebang

It seems that csf runs csfpost.sh with sh instead of just using the shebang that was specified. This causes some unexpected behaviour if you need more logic in these files. I can only reproduce this on Ubuntu, CentOS has no problems. I've added the following code to csfpost.sh: #!/bin/bash if [ ! &q...
by getup
17 Sep 2017, 19:50
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 4840

Re: Docker support

One thing I forgot to add is that you need to disable Docker's interference with iptables. If you leave it on Docker will add rules for you.

On CentOS this would be in /etc/sysconfig/docker:

Code: Select all

OPTIONS=" -H unix:///var/run/docker.sock --ip-forward=true --iptables=false --ip-masq=true"
by getup
17 Sep 2017, 16:10
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 4840

Re: Docker support

I finally got around writing up a working set of firewall rules in combination with CSF. We have bundled it with our CSF Puppet module that is available on GitHub and the Puppet Forge. The script itself can be found here: https://github.com/sensson/puppet-csf/blob/master/templates/csf_docker.sh By d...
by getup
12 Jun 2017, 09:57
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 4840

Re: Docker support

I'm afraid it doesn't. We lose all connectivity once Docker restarts. The only solution we have is to restart Docker when that happens.
by getup
02 Jun 2017, 20:08
Forum: General Discussion (csf)
Topic: Docker support
Replies: 4
Views: 4840

Docker support

Will ConfigServer Firewall support Docker hosts in the future? We'd like to firewall the hosts Docker runs on and it would be cool if this is possible from within CSF.
by getup
27 Dec 2013, 19:43
Forum: General Discussion (csf)
Topic: CSF reload doesn't include csfpost.sh
Replies: 1
Views: 2203

CSF reload doesn't include csfpost.sh

In this case the topic title doesn't say it all. We've got a set up where we handle a number of rules through csfpost. Earlier today we noticed that the rules that are in that file were suddenly removed on one server. Just a minute ago, we noticed the same on another server. When I restart CSF the i...