new docker support not working

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
2 posts Page 1 of 1
marcele
Junior Member
Posts: 174
Joined: 17 Sep 2007, 17:02


I tired to enable the new docker support after upgrading to CSF 12.00 and remove our old csfpost.sh but I get this when I try to restart CSF on our Plesk server (using csf generic). It looks like the docker0 device isn't being passed to the new rules? In our upgraded csf.conf there was no DOCKER_DEVICE setting present in the config file.
Code: Select all
[root@dev0.server~]# csf -r
Bad argument `MASQUERADE'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `conntrack'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `ACCEPT'
Try `iptables -h' or 'iptables --help' for more information.
*ERROR* line:[1252]
Command:[/sbin/iptables   -t nat -A POSTROUTING -s 172.17.0.0/16 ! -o  -j MASQUERADE]
Error:[Bad argument `MASQUERADE']
You should check through the main output carefully

*ERROR* line:[1253]
Command:[/sbin/iptables   -A FORWARD -o  -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT]
Error:[Bad argument `conntrack']
You should check through the main output carefully

*ERROR* line:[1254]
Command:[/sbin/iptables   -A FORWARD -i  ! -o  -j ACCEPT]
Error:[Bad argument `ACCEPT']
You should check through the main output carefully

Update: manually adding the DOCKER_DEVICE missing option below to the docker section in /etc/csf/csf.conf fixed the problem:
Code: Select all
# The network device on the host
DOCKER_DEVICE = "docker0"
Last edited by marcele on 07 Mar 2018, 16:16, edited 2 times in total.
ForumAdmin
Moderator
Posts: 1375
Joined: 01 Oct 2008, 09:24


I just found that omission after your before your edit. It will be included correctly in the next release. Thank you for reporting it.
2 posts Page 1 of 1