Page 1 of 1

CSF Update 5.76 on OpenVZ Unknown Error

Posted: 18 Feb 2013, 18:10
by JohnS
I run CSF on an OpenVZ VPS which automatically updated to the latest version (5.76) about an hour ago. Before the update there were no problems at all, but since the update I now get an error although all required modules are enabled. I've disabled automatic updates for my other VPS's and servers as I think this might be a bug.

Code: Select all

Error: Error processing command for line [1114] (10 times): [iptables: Unknown error 4294967295], at line 1114
VPS Node OS: CentOS 6
VPS OS: CentOS 5.9

CSF iptables Test:

Code: Select all

Testing iptables...

Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server
I thought this might be to do with NUMIPTENT, but on doing some checking it's set to unlimited and even setting it to 1000 still shows the error. All modules are loaded and older versions of CSF on other VPS's work without issues. Hopefully I've provided enough information and thanks for developing and continuing to improve CSF!

Re: CSF Update 5.76 on OpenVZ Unknown Error

Posted: 18 Feb 2013, 18:11
by ForumAdmin
See this thread:
viewtopic.php?f=6&t=6260

Re: CSF Update 5.76 on OpenVZ Unknown Error

Posted: 18 Feb 2013, 18:56
by JohnS
I've managed to fix this by adding ipt_conntrack to /etc/sysconfig/iptables-config and /etc/vz/vz.conf and running modprobe ipt_conntrack on the host node. ip_conntrack was enabled but not ipt_conntrack, so it's not a CSF bug. Thanks for the quick reply.

Re: CSF Update 5.76 on OpenVZ Unknown Error

Posted: 18 Feb 2013, 18:59
by ForumAdmin
Thanks JohnS for the information, makes it easier to point people in the right direction.