If you have csf installed on a OpenVZ container, suddenly you may end up with csf blocking all ips and even ssh, email and all services will not be accesible, even though server is working, but firewall puts a block on everyone, and appears offline to others.
The problem should be resolved now!!
I got this fixed by doing the following steps:
Login to the host node and edit /etc/vz/conf/vpsid.conf. For example I'm using 101 as vpsid.
[root@node ~]# vi /etc/vz/conf/101.conf
Then add the following line to the end of the file.
IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc"Now restart the container.
[root@node ~]# vzctl restart 101
The problem should be resolved now!!
No comments:
Post a Comment