We are facing an issue of "LFD" daemon failure regularly.
In WHM, it shows running and enabled, but it failed to start.
Following is the error LFD generates:
>> Starting ConfigServer Firewall & Security - lfd...
>> Error: You have an unresolved error when starting csf. You need to restart csf successfully before starting lfd (see /etc/csf/csf.error)
>> PID file /var/run/lfd.pid not readable (yet?) after start.
>> Failed to start ConfigServer Firewall & Security - lfd.
>> Unit lfd.service entered failed state.
>> lfd.service failed.
We also checked the mentioned /etc/csf/csf.error file and found the following error:
Error: FASTSTART: (DROP no logging IPv4)  [iptables-restore: line 20 failed]. Try restarting csf with FASTSTART disabled, at line 5080 in /usr/sbin/csf
Therefore, we found a solution on the CSF Forum: disable FASTSTART (FASTSTART=0) and reload csf with the csf -r command.
But LFD ran for a day, then the same error occurred and LFD stopped.
Kindly give the solution.
The failure to restart does NOT happen all the time. Logs are sprinkled with proper results:
May 18 04:30:25 cpdev lfd: iptables appears to have been flushed - running *csf startup*...
May 18 04:31:07 cpdev lfd: csf startup completed
May 18 11:35:52 cpdev lfd: iptables appears to have been flushed - running *csf startup*...
May 18 11:35:59 cpdev lfd: csf startup completed
May 18 11:35:59 cpdev lfd: *Error* csf reported an error (see /etc/csf/csf.error). *lfd stopped*, at line 7139
May 18 11:35:59 cpdev lfd: daemon stopped
May 18 11:36:04 cpdev lfd: *Error* pid mismatch or missing, at line 918
May 18 11:36:04 cpdev lfd: daemon stopped
Error: FASTSTART: (Packet Filter IPv4)  [iptables-restore: line 2 failed]. Try restarting csf with FASTSTART disabled, at line 5080 in /usr/sbin/csf
It appears that csf/lfd isn't confirmed as stopped prior to trying to restart.
We remove /etc/csf/csf.error and use csf -ra, and everything starts nicely.
Would setting WAITLOCK_TIMEOUT to a longer time be a solution? Again, we don't use that or WAITLOCK on any of the other couple of dozen or so servers we have, and never have the issue.
22 May 2017, 14:12 ForumAdmin wrote: There is currently an issue that can manifest on servers where the xtables lock has been implemented which we are working on to resolve.
Thanks - we're giving that a try.
In the meantime, those seeing the problem should disable LF_CSF and enable WAITLOCK and then restart CSF and then lfd.
Also, the affected server deets, which may be useful:
Intel(R) Xeon(R) CPU X5570 @ 2.93GHz, 4 cores
Linux 3.10.0-427.36.1.lve1.4.47.el7.x86_64 on x86_64
ConfigServer Security & Firewall 10.08
ConfigServer eXploit Scanner - cxs v6.35
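
An added example, not part of the thread or of csf itself: a small Python log check that groups the lfd messages quoted above into "csf startup" episodes and flags the ones after which lfd stopped. It shows why "csf startup completed" cannot be used as the success signal, since the failing episode logs it too. The function names are hypothetical, and the optional `[pid]` after `lfd` in the line pattern is an assumption about other syslog formats.

```python
import re

# Sample lines copied from the log excerpt quoted in the thread, one entry per line.
SAMPLE_LOG = """\
May 18 04:30:25 cpdev lfd: iptables appears to have been flushed - running *csf startup*...
May 18 04:31:07 cpdev lfd: csf startup completed
May 18 11:35:52 cpdev lfd: iptables appears to have been flushed - running *csf startup*...
May 18 11:35:59 cpdev lfd: csf startup completed
May 18 11:35:59 cpdev lfd: *Error* csf reported an error (see /etc/csf/csf.error). *lfd stopped*, at line 7139
May 18 11:35:59 cpdev lfd: daemon stopped
May 18 11:36:04 cpdev lfd: *Error* pid mismatch or missing, at line 918
May 18 11:36:04 cpdev lfd: daemon stopped
"""

# "<Mon> <day> <time> <host> lfd: <message>"; the [pid] part is an assumed variant.
LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ lfd(?:\[\d+\])?: (.*)$")

def startup_episodes(log_text):
    """Group lfd lines into episodes, each opened by a flushed-iptables restart."""
    episodes = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        stamp, msg = m.groups()
        if "iptables appears to have been flushed" in msg:
            episodes.append({"start": stamp, "completed": False,
                             "errors": [], "daemon_stopped": False})
        elif episodes:
            ep = episodes[-1]
            if "csf startup completed" in msg:
                ep["completed"] = True          # logged even when csf wrote csf.error
            elif re.search(r"\bError\b", msg):
                ep["errors"].append((stamp, msg))
            elif msg.strip() == "daemon stopped":
                ep["daemon_stopped"] = True
    return episodes

def failed_episodes(log_text):
    """Episodes where lfd reported an error or stopped, regardless of 'completed'."""
    return [ep for ep in startup_episodes(log_text)
            if ep["errors"] or ep["daemon_stopped"]]

if __name__ == "__main__":
    for ep in failed_episodes(SAMPLE_LOG):
        print(f"restart at {ep['start']}: completed={ep['completed']}, lfd stopped")
        for stamp, msg in ep["errors"]:
            print(f"  {stamp}  {msg}")
```
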