Hi. I have been getting my Config Server Firewall disabling itself quite often recently (every day or so). It did this over the last year or so intermittently too. I restarted it but it stopped again, so today I reset it back to ‘factory’ settings and then put a few config tweaks back in such as ports etc…
It seems to be running fine, but I have a few issues:
IP Tables is not installed as a module in Webmin. I’m not sure how to get this installed, CSF says it is necessary though.
I can’t see where to disable IPv6, most online help references Network Settings in Webmin, but it looks to have changed location?
Do you see IPtables in the unused module section? It should be working its just in the wrong section.
I just had a look, the module is called Linux Firewall in the menu list and Linux IPTables Firewall in the header. If you look in there and its enable you should see the firewall list (unlike my screenshot)
may this installation does not have IPtables install but has NFtables installed instead ? Or is firewalld still running, which stops webmin displaying the IPtables module under Networking, but as pointed out, it is displayed in the unused modules section
I’m not going to make wild guesses. If they won’t give us real information to work with, we can’t help. What they said happened can’t be what happened (the IPTables module is a standard module in Webmin, and has nothing to do with whether nftables is installed on the system), so I’m going to wait until they tell us what actually happened.
First off, for relevancy, I’m running this as a server to host about 20 websites.
My understanding is that I should run iptables as a default firewall and then CSF is good to have on top as a GUI with a lot of nice features like login/intrusion/flood detection. I had this on previous cPanel servers, so I know it well. Please let me know if you think this shouldn’t be the case, but it’s reassuring to have a basic firewall turned on in case CSF drops out on me, which it has several times.
@stefan1959 - Yes, I see ‘Linux IPTables Firewall’ in the header and it shows ‘there is no bootup action, indicating the IPTables package is not installed on your system’.
@Joe - I searched IPTables in Webmin and found nothing, and it wasn’t there in unused modules. I didn’t realise it was called Linux Firewall. The main issue for me is CSF dropping out and also not getting any notifications when it does. If it is known to play up with Webmin or adds too much load then I’d consider dropping it, but would like to set a firewall up as securely as possible of course.
CSF is running at the moment but what is best to do from here as I haven’t setup Linux Firewall? Should I ‘unmask’ that somehow (and does that just mean it isn’t running)?
What is the actual error that had you looking for the IPtables module in Webmin? CSF does not depend on anything in Webmin.
CSF manages the firewall and there is a Webmin module for CSF. What does the Webmin iptables module have to do with anything?
Have you installed CSF? Have you installed the CSF Webmin module?
That has nothing to do with Webmin. CSF is not part of Webmin, it does not depend on Webmin or anything in Webmin. There is a Webmin module for managing CSF, but if CSF isn’t working correctly, it’s a misconfiguration in CSF or a bug in CSF, and has nothing to do with Webmin (though maybe, if you have the Webmin CSF module, you used Webmin to configure it).
Nobody said anything of the sort. But, you seem to be misunderstanding something somewhere because you’re doing a bunch of stuff completely unrelated to CSF. You can use any firewall you want. I don’t care, I’m not making any recommendations.
Now, knowing that we don’t maintain CSF, and CSF is not part of Webmin, we can safely say you do not need the Webmin iptables module in order to use CSF.
So what problem are you actually trying to solve? (Keeping in mind, I don’t use CSF and we are not the maintainers of CSF, and while there is a CSF module for Webmin, we’re probably not the people to ask about most CSF problems.)
Have you installed CSF? Have you installed the CSF Webmin module?
Yes, CSF is installed but kept stopping with a ‘Firewall not running’ message (or similar) in the main Webmin Dashboard.
What makes you believe that has anything to do with Webmin or the Webmin iptables firewall module?
I have never had CSF stop on multiple cPanel servers before, so I’m asking in case it’s a known issue with the Webmin integration or others might have experienced it.
Nobody said anything of the sort.
I didn’t say anyone did Joe, I was just asking for advice as it is a module rather than Webmin/Virtualmin code.
But, you seem to be misunderstanding something somewhere because you’re doing a bunch of stuff completely unrelated to CSF. You can use any firewall you want.
Is it okay to use Linux firewall with the CSF module? If CSF fails again then at least I get basic protection.
If not, what do I need to disable from a default Webmin installation to be able to use CSF without conflicts?
So what problem are you actually trying to solve?
I’m trying to prevent my CSF firewall module from stopping and causing security issues.
It is not a known issue. CSF doesn’t depend on Webmin, so if CSF is stopping, it has nothing to do with Webmin. There are many people using the Webmin module (as I understand it, it is maintained by the CSF developers, so I would think it would be the best GUI option for managing CSF).
If you’re using CSF, CSF manages the firewall. I don’t know if you can directly manage the iptables rules, too (again, I don’t use CSF…some people here do, maybe they have thoughts on that).
Unless CSF is literally being shut down, I can’t imagine the firewall rules it put in place disappear when the service stops doing what you expect.
Maybe define what you mean by “CSF stops”
Nothing. Installing Webmin does not create a firewall, nor does it install any firewalls. Webmin does nothing without being told to do something.
Or, do you have Virtualmin? Using the Virtualmin installer sets up firewalld and fail2ban to work with firewalld, which conflicts with CSF, but I believe CSF removes those when you install it.
OK, tell us what that looks like. Why do you think it’s stopping?
I haven’t used CFS in years. I do remember it used some sort of masquerading for the Ethernet interface. I once stopped the firewall and immediately lost connection to the server. May be different now.
Testing on rocky 8 for a few hours now and seems to work fine, but the bans so far are only SSH, from memory the OS logs location need to be tweaked. But that getting off topic.
There was a message in the Webmin dashboard under System information > Firewall version that said something to the effect of “Stopped” or “Disabled”, but can’t screenshot it now. I had to enter the CSF settings area to re-enable it on a few occasions. This time I did a reset from within the CSF page and re-entered the relevant settings. It has now remained up for a few days, so fingers crossed.
Yes, I’m using Virtualmin. Firewall.d says it isn’t running but I can’t work out whether Fail2Ban is (says ‘loaded’ and ‘active’ but what does the code=exited relate to below?)
@Volt31, what was your reason for using CSF instead of the default firewalls? I used CSF years ago, but finally tired of the constant upkeep of it. I can’t remember why I started using it now, something about blocking countries I think…