CSF and Docker

If you are using CSF and Docker [machine] to host Node.js servers, you may find that they are not accessible once you enable CSF.

To fix that, you will need to:

  1. Enable Docker in /etc/csf/csf.conf.
  2. Add the Docker TCP port (usually 8080) to TCP_OUT (and TCP6_OUT).
  3. Create /etc/csf/csfpost.sh as follows to restart Docker whenever CSF restarts:
    #!/bin/bash
    systemctl restart docker
  4. Restart csf with ‘csf -ra’.
  5. Add ‘csf.service’ to After in /lib/systemd/system/docker.service.

#3 is important: when CSF restarts it rebuilds the iptables rules, so Docker has to be restarted to re-establish its own iptables config.
I’m not sure there is a way to change CSF config to avoid having to do #3.
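
As an added example (not part of the original post), a POSIX shell audit of steps 1, 2, 3 and 5 against the files named above. It assumes step 1 means DOCKER = "1" in csf.conf and that port lists are comma-separated with lo:hi ranges; the function names and the --run switch are this example's own.

```shell
#!/bin/sh
# Added example: audit steps 1, 2, 3 and 5. Default paths are the ones named
# on the page; pass copies as arguments to check them without touching the host.

# conf_value FILE KEY: print the quoted value of the last KEY = "..." line.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# port_in_list FILE KEY PORT: succeed if PORT is listed under KEY, as a single
# port or inside a lo:hi range. The ( ) body is a subshell, so IFS stays local.
port_in_list() (
    IFS=','
    for item in $(conf_value "$1" "$2" | tr -d ' '); do
        case $item in
            *:*) [ "$3" -ge "${item%%:*}" ] 2>/dev/null &&
                 [ "$3" -le "${item##*:}" ] 2>/dev/null && exit 0 ;;
            "$3") exit 0 ;;
        esac
    done
    exit 1
)

# post_hook_ok FILE: the hook exists and restarts docker on an uncommented line.
post_hook_ok() {
    [ -f "$1" ] && grep -Eq '^[[:space:]]*systemctl[[:space:]]+restart[[:space:]]+docker' "$1"
}

# unit_after_csf FILE: some After= line of the unit names csf.service.
unit_after_csf() {
    sed -n 's/^After=//p' "$1" | tr -s ' ' '\n' | grep -qx 'csf\.service'
}

# audit [CONF] [POST] [UNIT] [PORT]: report each failed step, return 1 if any.
audit() {
    conf=${1:-/etc/csf/csf.conf}; post=${2:-/etc/csf/csfpost.sh}
    unit=${3:-/lib/systemd/system/docker.service}; port=${4:-8080}; rc=0
    # Assumption: step 1 refers to the DOCKER key in csf.conf.
    [ "$(conf_value "$conf" DOCKER)" = 1 ] || { echo "FAIL step 1: DOCKER is not 1"; rc=1; }
    for key in TCP_OUT TCP6_OUT; do
        port_in_list "$conf" "$key" "$port" || { echo "FAIL step 2: $port not in $key"; rc=1; }
    done
    post_hook_ok "$post" || { echo "FAIL step 3: $post does not restart docker"; rc=1; }
    unit_after_csf "$unit" || { echo "FAIL step 5: $unit After= lacks csf.service"; rc=1; }
    return "$rc"
}

if [ "${1:-}" = "--run" ]; then shift; audit "$@"; fi
```

Run it with --run after step 4; each FAIL line names the step to revisit.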