CSF anf Firewall Conflict

engrrajonahmed · February 4, 2023, 4:14pm

Hi there,
I was trying to enable CSF. So, I installed CSF and enabled. Then I tried to visit Firewall and now I see a broken page and an error.
Screenshot: https://i.imgur.com/QqbZ6Yh.png

Error--------------
*Error* The path to iptables is either not set or incorrect for IPTABLES [/sbin/iptables] in /etc/csf/csf.conf at /usr/local/csf/lib/ConfigServer/URLGet.pm line 26. Compilation failed in require at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. BEGIN failed--compilation aborted at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. Compilation failed in require at /usr/local/csf/bin/cyberpanel.pl line 14. BEGIN failed--compilation aborted at /usr/local/csf/bin/cyberpanel.pl line 14.

How can I fix it?

josephgodwinke · February 4, 2023, 4:58pm

Welcome @engrrajonahmed Happy New Year

Are you using the latest build + commit ?

engrrajonahmed · February 4, 2023, 5:06pm

Hi, Happy New Year

Yes, it’s a fresh instance and the latest version.

System:
CyberPanel: v2.3.3
OS: Ubuntu 20.04 LTS

Thank you!

josephgodwinke · February 4, 2023, 5:43pm

Well an upgrade wunt fix anything about the firewall or csf.

We can install csf manually like this

# assume wget and git is installed
$ apt install libnet-libidn-perl libcrypt-ssleay-perl libio-socket-inet6-perl libsocket6-perl libio-socket-ssl-perl perl iptables -y
$ wget http://download.configserver.com/csf.tgz
$ tar -xvfz csf.tgz
$ cd csf
$ bash install.sh || sh install.sh
## test if it works on this server
$ perl /usr/local/csf/bin/csftest.pl

$ nano /etc/csf/csf.conf
> change TESTING = "1" to TESTING = "0"
> change RESTRICT_SYSLOG = "0" to RESTRICT_SYSLOG = "3"

$ systemctl enable --now csf

Go to https://SERVER_URL:8090/firewall/csf and block and unblock whichever ports you need plus any ip addresses

engrrajonahmed · February 5, 2023, 12:49pm

Hi @josephgodwinke bro,
I followed your instruction and got a few errors:

mkdir: cannot create directory ‘/etc/csf’: File exists
mkdir: cannot create directory ‘webmin/csf/images’: File exists
mkdir: cannot create directory ‘ui/images’: File exists
mkdir: cannot create directory ‘da/images’: File exists
mkdir: cannot create directory ‘interworx/images’: File exists
cp: cannot stat 'Geo': No such file or directory
chmod: cannot access '/var/log/lfd.log*': No such file or directory
chmod: cannot access '/etc/csf/*.cgi': No such file or directory
chmod: cannot access '/etc/csf/*.php': No such file or directory
chmod: cannot access '/etc/csf/*.py': No such file or directory
chcon: failed to get security context of '/etc/logrotate.d': No data available
failed to change mode of '/etc/csf/*.cgi' from 0700 (rwx------) to 0700 (rwx------)
failed to change mode of '/etc/csf/*.php' from 0700 (rwx------) to 0700 (rwx------)
failed to change mode of '/etc/csf/*.py' from 0700 (rwx------) to 0700 (rwx------)
mkdir: cannot create directory ‘/home/cyberpanel/plugins’: File exists

When I tried to test it using the command you mentioned I got:
$ root@server:~/csf# perl /usr/local/csf/bin/csftest.pl

Testing ip_tables/iptable_filter...open3: exec of /sbin/iptables -I OUTPUT -p tcp --dport 9999 -j ACCEPT failed: No such file or directory at /usr/local/csf/bin/csftest.pl line 144.

And I am getting the same error on Firewall page:

*Error* The path to iptables is either not set or incorrect for IPTABLES [/sbin/iptables] in /etc/csf/csf.conf at /usr/local/csf/lib/ConfigServer/URLGet.pm line 26. Compilation failed in require at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. BEGIN failed--compilation aborted at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. Compilation failed in require at /usr/local/csf/bin/cyberpanel.pl line 14. BEGIN failed--compilation aborted at /usr/local/csf/bin/cyberpanel.pl line 14.

Any suggestion for me?

josephgodwinke · February 5, 2023, 12:52pm

I thought you would uninstall configserver completely first then install it the way I sent

$ cd /etc/csf
$ sh uninstall.sh
$ cd ~
## start installing here

engrrajonahmed · February 5, 2023, 12:56pm

I uninstalled it completely. Okay, let me try again…

engrrajonahmed · February 7, 2023, 5:28am

@josephgodwinke
Thanks for your help. By the way, is it normal that the /firewall page is getting redirected to /configservercsf?

Before installing the CSF I ran the following command:
$ ln -s /usr/sbin/iptables /sbin/iptables

It fixed the issue.

Thank you!

josephgodwinke · February 7, 2023, 11:37am

Yes to /firewall if not installed /configservercsf/ if csf is installed. Sorry for this

engrrajonahmed · February 7, 2023, 12:03pm

@josephgodwinke
Yes, that is the CSF settings page(Security > CSF).
But when I try to visit the Firewall page (Security > Firewall) CyberPanel redirects me to ConfigServer Security & Firewall settings page(Security > ConfigServer Services > ConfigServer Security & Firewall).

Why http://Server-IP:8090/firewall is getting redirected to http://Server-IP:8090/configservercsf?

** I know what CSF means.

Thank you!

josephgodwinke · February 7, 2023, 12:26pm

Yes this is correct firewalld and configserver use case is one and same thing its like having pureftpd and vsftpd. Installing csf replaces firewall url with configserver

engrrajonahmed · February 7, 2023, 1:18pm

@josephgodwinke Thank you, brother! <3

system · February 7, 2023, 4:18pm

This topic was automatically closed 3 hours after the last reply. New replies are no longer allowed.