Page 1 of 1

CSF test fails on CentOS 6.1

Posted: 24 Dec 2018, 09:43
by pheonixsolutions

We're using CSF firewall on CentOS 6.10 server and isn't working as expected.

Here is the output of csftest:-
[root@server ~]# /etc/csf/
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...FAILED [FATAL Error: FATAL: Could not load /lib/modules/3.10.0-862.11.6.el7.x86_64/modules.dep: No such file or directory] - Required for csf to function
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...FAILED [Error: iptables: Protocol wrong type for socket.] - Required for CONNLIMIT feature
Testing ipt_owner/xt_owner...FAILED [Error: FATAL: Could not load /lib/modules/3.10.0-862.11.6.el7.x86_64/modules.dep: No such file or directory] - Required for SMTP_BLOCK and UID/GID blocking features
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf will not function on this server due to FATAL errors from missing modules [1]

Even though the iptables modules are loaded properly, csftest gives error.

# lsmod | grep 'owner\|multiport\|connlimit'
xt_connlimit 12917 0
xt_owner 12534 3
xt_multiport 12798 9
nf_conntrack 133053 7 xt_connlimit,xt_state,xt_connmark,nf_nat_ipv4,nf_nat,nf_conntrack_ipv4,xt_conntrack

Kernel Version:-
# uname -a
Linux 3.10.0-862.11.6.el7.x86_64 #1 SMP Tue Aug 14 21:49:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Could you please provide us a solution for this issue ?

Thank you