RESTRICT_SYSLOG is disabled error at CSF

Few days ago I noticedĀ the following error at CSF:
WARNING: RESTRICT_SYSLOG is disabled. See SECURITY WARNING in Firewall Configuration

CSF-Restrict-syslog-is-disabled

Here is easy solution how to solve this:

1. Login to WHM
2. Home >Ā Plugins> ConfigServer Security & Firewall > Firewall Configuration
3. Set RESTRICT_SYSLOG to 3 (which is the default value), save and restart CSF

Thats it!


When CSF firewal is enabled – ping reports lots of lost packets

I use just-ping.com when I need to ping my servers from various locations in the world to see if it’s working right. I have noticed that when CSF Firewall is installed and active I get losts of lost packets when trying to ping the server, but when I disable it – results are okay. The solution for this is to increase the ICMP_IN_RATE value from 1/s to 30/s.

To do so login to your WHM go to ConfigServer Security & Firewall and there click on Firewall Configuration button and on that page locate ICMP_IN_RATE (CTRL+F can help you locate it) and then increase it’s value from 1/s to 30/s. Scroll all the way down and pres “Change” button to save the changes. Restart the firewall and test it again.

Here’s a screenshot of what you need to chage:
csf ping problem solution

Now you should have good ping results at just-ping.com šŸ™‚

04.12.2014 Update: Looks like the just-ping (now on new address cloudmonitor.ca.com) changed the way their service works. Now they ping you instantly from all places at once and CSF firewall will block most of these out and you’ll get lost packets in report. So for the testing you should set ICMP_IN_RATE to 0 – that will disable it – and then you can do tests. Other way around it to set it to fairly large number (200 or even bigger). Don’t forget to restart CSF + LFD in order these changes to apply.


How to setup and use iptables

What’s iptables?

Iptables is the current Linux firewall and routing service. It controls incoming and outgoing network.

 

How to stop/start/restart iptables?

Basically just like any other Linux service:

serviceĀ iptablesĀ startĀ 
serviceĀ iptablesĀ stopĀ 
serviceĀ iptablesĀ restart

 

How to check if iptables is currently running?

Simply call service status

service iptables status

and check the result:

Firewall is stopped.

If the status message is “Firewall is stopped.” that means that iptables are not running and you should start it with sertvice iptables start. If you get some tables with bunch of geek stuff that means that iptables are running.

 

How to automatically start iptables service on Linux boot?

To enable iptables starting on boot run

chkconfig iptables on

or run code below to disable it

chkconfig iptables off

Continue Reading

Tags: service iptables status