
CSF on SolusVM Node

One of my clients wanted to secure their slave nodes with a firewall, and asked me to install CSF on the servers. We set up a new slave node and installed CSF, and everything was working fine. We then created a new VPS and noticed that the VPS IP address was not responding. There was no ping response from the VPS IP address from outside. I logged into the server via console and the IP address was up on the server. However, there were no inbound or outbound network connections.


[root@vps ~]# ping google.com

Thinking it could be a resolver problem, I switched the resolver entries to use Google DNS as follows.


[root@vps ~]# vi /etc/resolv.conf

Enter the following

nameserver 8.8.8.8
nameserver 8.8.4.4

Save and quit the file. I tried to ping google.com again from the server and it timed out again. As a next trial, I disabled csf on the slave server and the VPS IP started responding again. Hence, it was something in the csf config that was blocking the access. After much trial and error and research, the following addition to the CSF configuration worked for me.


[root@slave ~]# cd /etc/csf/
[root@slave csf]# touch csfpre.sh
[root@slave csf]# vi csfpre.sh

iptables -A FORWARD -m physdev --physdev-in peth0 --physdev-out vif+ -j ACCEPT
iptables -A FORWARD -m physdev --physdev-out peth0 --physdev-in vif+ -j ACCEPT
iptables -A FORWARD -m physdev --physdev-out vif+ --physdev-in vif+ -j ACCEPT
iptables -A FORWARD -m physdev --physdev-in vif+ --physdev-out vif+ -j ACCEPT

Enter the above 4 lines into csfpre.sh, save and quit the file. I then restarted csf and tested the IP address again, and voilà, the IP address started responding.


[root@slave csf]# /etc/rc.d/init.d/csf restart
Stopping csf: [ OK ]
Starting csf: [ OK ]
[root@slave csf]# ping 1.2.3.4
PING 1.2.3.4 (1.2.3.4) 56(84) bytes of data.
64 bytes from 1.2.3.4: icmp_seq=1 ttl=63 time=0.435 ms
64 bytes from 1.2.3.4: icmp_seq=2 ttl=63 time=0.894 ms
64 bytes from 1.2.3.4: icmp_seq=3 ttl=63 time=0.660 ms
^C
--- 1.2.3.4 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2330ms
rtt min/avg/max/mdev = 0.435/0.663/0.894/0.187 ms

I logged in to the VPS again and tested the outbound connection, and that was working too.


[root@vps ~]# ping google.com
PING google.com (216.58.214.78) 56(84) bytes of data.
64 bytes from fra15s10-in-f14.1e100.net (216.58.214.78): icmp_seq=1 ttl=57 time=0.359 ms
64 bytes from fra15s10-in-f14.1e100.net (216.58.214.78): icmp_seq=2 ttl=57 time=0.608 ms
64 bytes from fra15s10-in-f14.1e100.net (216.58.214.78): icmp_seq=3 ttl=57 time=0.607 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 3089ms
rtt min/avg/max/mdev = 0.359/0.545/0.608/0.107 ms
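
An added example, not part of the original post: a shell check that takes the output of `iptables -S FORWARD` on the node and reports which bridge directions from csfpre.sh have no ACCEPT rule loaded. The function names and the sample rule listings are constructed for illustration; the interface names peth0 and vif+ are the ones used above.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# has_physdev_rule RULES IN_IF OUT_IF
# Succeeds if RULES (text in `iptables -S FORWARD` format) contains a FORWARD
# rule matching both physdev interfaces with target ACCEPT.
has_physdev_rule() {
    printf '%s\n' "$1" | awk -v in_if="$2" -v out_if="$3" '
        $1 == "-A" && $2 == "FORWARD" {
            pin = ""; pout = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--physdev-in")  pin = $(i + 1)
                if ($i == "--physdev-out") pout = $(i + 1)
                if ($i == "-j")            target = $(i + 1)
            }
            if (pin == in_if && pout == out_if && target == "ACCEPT") found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# missing_bridge_rules RULES
# Prints one line per direction that has no ACCEPT rule; prints nothing if all
# three distinct directions from csfpre.sh are loaded.
missing_bridge_rules() {
    has_physdev_rule "$1" peth0 vif+ || echo "peth0->vif+"
    has_physdev_rule "$1" vif+ peth0 || echo "vif+->peth0"
    has_physdev_rule "$1" vif+ vif+  || echo "vif+->vif+"
}

# Constructed sample: all csfpre.sh rules loaded.
SAMPLE_OK='-P FORWARD DROP
-A FORWARD -m physdev --physdev-in peth0 --physdev-out vif+ -j ACCEPT
-A FORWARD -m physdev --physdev-in vif+ --physdev-out peth0 -j ACCEPT
-A FORWARD -m physdev --physdev-in vif+ --physdev-out vif+ -j ACCEPT'

# Constructed sample: guest-to-uplink direction is dropped, not accepted.
SAMPLE_BROKEN='-P FORWARD DROP
-A FORWARD -m physdev --physdev-in peth0 --physdev-out vif+ -j ACCEPT
-A FORWARD -m physdev --physdev-in vif+ --physdev-out peth0 -j DROP
-A FORWARD -m physdev --physdev-in vif+ --physdev-out vif+ -j ACCEPT'

# On the node, after restarting csf:
#   missing_bridge_rules "$(iptables -S FORWARD)"
```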
