CSF (not LFD) blocking all incoming except SSH?

wmgilligan2
Junior Member
Posts: 3
Joined: 19 Apr 2019, 16:44

Post by wmgilligan2 »

Running Amazon EC2 (Amazon Linux) with a load balancer.

CSF has been running fine until today (some 1.5 years).
I logged in via SSH and ran the latest update for EC2.
Then restarted CSF - and https and sftp stopped working worldwide.

Disable CSF - all good.

Turn CSF TEST MODE on - all fails.
- My understanding is LFD does not run when in test mode. So LFD not the issue.
I have flushed iptables, and flushed all denies.

With CSF test mode enabled, I can SSH, but not SFTP or HTTPS
FTP (FileZilla) appears to connect, but no response ever returned. HTTPS just times out.

Ideas?
wmgilligan2
Junior Member
Posts: 3
Joined: 19 Apr 2019, 16:44

Re: CSF (not LFD) blocking all incoming except SSH?

Post by wmgilligan2 »

Nope. No ideas..... Still an issue.
Anyone use a load balancer, AWS and CSF?
BallyBasic79
Junior Member
Posts: 80
Joined: 22 Aug 2019, 21:43

Re: CSF (not LFD) blocking all incoming except SSH?

Post by BallyBasic79 »

Maybe share your csf.conf for some clues. Shouldn't be anything confidential in it, but check to be sure. Also confirm your CSF version.
wmgilligan2
Junior Member
Posts: 3
Joined: 19 Apr 2019, 16:44

Re: CSF (not LFD) blocking all incoming except SSH?

Post by wmgilligan2 »

csf: v13.06 (generic)

Config too big to cut/paste here...
Looking for ideas - ports, etc. to open the door.
BallyBasic79
Junior Member
Posts: 80
Joined: 22 Aug 2019, 21:43

Re: CSF (not LFD) blocking all incoming except SSH?

Post by BallyBasic79 »

For the config, using a text editor to strip all lines beginning with # reduces length by 72%.
Most important lines in this case are:
TCP_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,26"
TCP_OUT = "25,36,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703"
TCP6_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096"
TCP6_OUT = "25,36,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703"
PORTS_pop3d = "110,995"
PORTS_imapd = "143,993"
PORTS_htpasswd = "80,443"
PORTS_mod_security = "80,443"
PORTS_mod_qos = "80,443"
PORTS_symlink = "80,443"
PORTS_suhosin = "80,443"
PORTS_cxs = "80,443"
PORTS_bind = "53"
PORTS_ftpd = "20,21"
PORTS_webmin = "10000"
PORTS_cpanel = "2077,2078,2082,2083,2086,2087,2095,2096"
PORTS_smtpauth = "25,465,587"
PORTS_eximsyntax = "25,465,587"
PORTS_sshd = "22"
*This is a sample from one of my configs. Your details may vary.

HTTPS = 443
SFTP = 21

In the web interface, use View Listening Ports to confirm status of ports. In terminal, use: csf -p

Important: check to ensure that your IP used for FTP or HTTP is not being blocked. In the web interface, use Search for IP to check your IP. In terminal, use: csf -g IP

This will give you the status of those ports and the ability to get through them from your IP. Hope it helps.
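
As an added example (not part of the thread and not CSF's own code), the script below performs the comment-stripping and TCP_IN check suggested in the reply above on a constructed csf.conf fragment. The function names and sample values are assumptions, and `low:high` entries are treated as port ranges.

```shell
#!/bin/sh
# Added example: helper names and the sample config are constructed.

# Print the value of KEY = "value" from a csf.conf-style file, skipping
# comment lines (the "strip lines beginning with #" step).
csf_setting() {   # $1 = file, $2 = key such as TCP_IN
    grep -v '^[[:space:]]*#' "$1" |
        sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\\(.*\\)\".*/\\1/p" |
        tail -n 1
}

# Succeed if port $2 is covered by comma-separated list $1.
# Entries are single ports or low:high ranges.
port_in_list() {
    port=$2
    old_ifs=$IFS; IFS=,
    set -- $1
    IFS=$old_ifs
    for entry in "$@"; do
        case $entry in
            *:*) [ "$port" -ge "${entry%%:*}" ] &&
                 [ "$port" -le "${entry##*:}" ] && return 0 ;;
            *)   [ "$entry" = "$port" ] && return 0 ;;
        esac
    done
    return 1
}

# Report, for each port, whether TCP_IN lists it.
check_ports() {   # $1 = file, remaining args = ports
    conf=$1; shift
    allowed=$(csf_setting "$conf" TCP_IN)
    for p in "$@"; do
        if port_in_list "$allowed" "$p"; then echo "$p listed"; else echo "$p missing"; fi
    done
}

# Constructed sample config: the commented-out TCP_IN must be ignored.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# TCP_IN = "1:65535"
TESTING = "1"
TCP_IN = "22,80,30000:35000"
EOF
check_ports "$sample" 22 443 21 30500
rm -f "$sample"
```

A port reported as missing is only absent from TCP_IN; per-IP allow and deny entries still need the `csf -g IP` check mentioned above.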