
CSF (not LFD) blocking all incoming except SSH?

Posted: 19 Apr 2019, 16:50
by wmgilligan2
Running Amazon EC2 (Amazon Linux) with a load balancer.

CSF has been running fine until today (some 1.5 years).
I logged in via SSH and ran the latest update for EC2.
Then restarted CSF - and https and sftp stop working worldwide.

Disable CSF - all good.

Turn CSF TEST MODE on - all fails.
- My understanding is LFD does not run when in test mode. So LFD not the issue.
I have flushed iptables, and flushed all denies.

With CSF test mode enabled, I can SSH, but not SFTP or HTTPS
FTP (FileZilla) appears to connect, but no response ever returned. HTTPS just times out.

Ideas?

Re: CSF (not LFD) blocking all incoming except SSH?

Posted: 11 Sep 2019, 21:21
by wmgilligan2
Nope. No ideas..... Still an issue.
Anyone use a load balancer, AWS and CSF?

Re: CSF (not LFD) blocking all incoming except SSH?

Posted: 12 Sep 2019, 00:29
by BallyBasic79
Maybe share your csf.conf for some clues. Shouldn't be anything confidential in it, but check to be sure. Also confirm your CSF version.

Re: CSF (not LFD) blocking all incoming except SSH?

Posted: 12 Sep 2019, 00:51
by wmgilligan2
csf: v13.06 (generic)

Config too big to cut/paste here...
Looking for ideas - ports, etc to open the door.

Re: CSF (not LFD) blocking all incoming except SSH?

Posted: 12 Sep 2019, 02:08
by BallyBasic79
For the config, using a text editor to strip all lines beginning with # reduces the length by 72%.
Most important lines in this case are:
TCP_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,26"
TCP_OUT = "25,36,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703"
TCP6_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096"
TCP6_OUT = "25,36,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703"
PORTS_pop3d = "110,995"
PORTS_imapd = "143,993"
PORTS_htpasswd = "80,443"
PORTS_mod_security = "80,443"
PORTS_mod_qos = "80,443"
PORTS_symlink = "80,443"
PORTS_suhosin = "80,443"
PORTS_cxs = "80,443"
PORTS_bind = "53"
PORTS_ftpd = "20,21"
PORTS_webmin = "10000"
PORTS_cpanel = "2077,2078,2082,2083,2086,2087,2095,2096"
PORTS_smtpauth = "25,465,587"
PORTS_eximsyntax = "25,465,587"
PORTS_sshd = "22"
*This is a sample from one of my configs. Your details may vary.

HTTPS = 443
SFTP = 21

In web interface, use View Listening Ports to confirm status of ports. In terminal, use: csf -p

Important: check to ensure that your IP used for FTP or HTTP is not being blocked. In web interface, use Search for IP to check your IP. In terminal, use: csf -g IP

This will give you the status of those ports and the ability to get through them from your IP. Hope it helps.
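
Added example, not part of the thread or of CSF itself: a small Python check that strips the comment lines from a csf.conf, as suggested above, and reports which ports are absent from TCP_IN / TCP6_IN. The sample config is constructed from the lines quoted in the post, the ports checked (21, 22, 443) are an assumption based on the services the thread mentions, and the helper names are hypothetical.

```python
import re
import sys

# Constructed sample: the TCP_IN / TCP6_IN lines quoted in the post, plus a comment line.
SAMPLE_CONF = '''\
# Allow incoming TCP ports
TCP_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,26"
TCP6_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096"
TESTING = "1"
'''

SETTING = re.compile(r'^\s*([A-Za-z0-9_]+)\s*=\s*"([^"]*)"')

def parse_conf(text):
    """Return {NAME: value} for NAME = "value" lines, skipping # comments."""
    settings = {}
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = SETTING.match(line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def port_allowed(port, spec):
    """True if port is covered by a CSF port list such as "22,80,30000:35000"."""
    for item in spec.split(","):
        lo, _, hi = item.strip().partition(":")  # "a:b" is a port range
        if not lo.isdigit() or (hi and not hi.isdigit()):
            continue  # ignore empty or malformed entries
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def missing_ports(conf_text, needed, key="TCP_IN"):
    """Ports from `needed` that the given setting does not allow."""
    spec = parse_conf(conf_text).get(key, "")
    return [p for p in needed if not port_allowed(p, spec)]

if __name__ == "__main__":
    # Pass the path to a real csf.conf as the first argument; defaults to the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONF
    for key in ("TCP_IN", "TCP6_IN"):
        print(key, "missing:", missing_ports(text, [21, 22, 443], key))
    print("TESTING =", parse_conf(text).get("TESTING"))
```

This only reads the configuration file; use csf -p and csf -g IP as described above to confirm what is actually listening and whether a given IP is blocked.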