Ubuntu 20.04.2 --> CSF install/panel access

brad · June 9, 2021, 1:12am

CSF installation without any apparent errors, but try to access the CSF panel link from the left menu and I get an error (below) Aditionally left menu: security → CSF brings up the CP firewall interface and appears to function normally. Modsecurity installed w/rule pack.

Error The path to iptables is either not set or incorrect for IPTABLES [/sbin/iptables] in /etc/csf/csf.conf at /usr/local/csf/lib/ConfigServer/URLGet.pm line 26. Compilation failed in require at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. BEGIN failed–compilation aborted at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. Compilation failed in require at /usr/local/csf/bin/cyberpanel.pl line 14. BEGIN failed–compilation aborted at /usr/local/csf/bin/cyberpanel.pl line 14.

abdulwahab718 · April 14, 2022, 5:15pm

did you figure out how to fix??? anyone who knows?

kooler · May 19, 2022, 12:25pm

It was working fine until yesterday. Suddenly this issue has popped up for me as well, can someone help?

kooler · May 19, 2022, 12:35pm

I managed to fix it. Not an issue related to CyberPanel but a recent update.
Details: use iptables legacy mode by jvonau · Pull Request #2667 · iiab/iiab · GitHub

To create the missing link: “ln -s /usr/sbin/iptables /sbin/iptables”

RO3B · May 26, 2022, 3:24pm

For me it’s still the same problem it won’t get fixed and no one from cyberpanel is providing any solution !!

kooler · May 26, 2022, 8:00pm

try
cd /usr/sbin/
ls -al
see if iptables (/usr/sbin/iptables) file exists in there or not? and usergroup etc

RO3B · May 26, 2022, 8:44pm

I just tried it and yes it’s there the files and everything what is the problem god knows !! i’m going crazy everything is set properly and yet no one from cyberpanel like usman etc… replying…

kooler · May 26, 2022, 8:45pm

Paste your /etc/csf/csf.conf here.
do ls -al and paste the output here in directory: /usr/sbin/
cd /sbin/ => ls -al => paste here

kooler · May 26, 2022, 8:47pm

Also provide info on your setup. Os version etc

RO3B · May 26, 2022, 8:52pm

Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal

RO3B · May 26, 2022, 8:55pm

/usr/sbin# ls
accessdb mysqld
addgnupghome netplan
addgroup newusers
add-shell nfnl_osf
adduser nghttpd
apache2 nghttpx
applygnupgdefaults nologin
arp opendkim
arpd ownership
arptables pam-auth-update
arptables-nft pam_getenv
arptables-nft-restore pam_timestamp_check
arptables-nft-save paperconfig
arptables-restore pdns_server
arptables-save phpdismod
aspell-autobuildhash phpenmod
biosdecode phpquery
check_forensic postalias
chgpasswd postcat
chmem postconf
chpasswd postdrop
chroot postfix
cpgr postfix-add-filter
cppw postfix-add-policy
cron postkick
csf postlock
delgroup postlog
deluser postmap
dmidecode postmulti
dovecot postqueue
dpkg-preconfigure postsuper
dpkg-reconfigure posttls-finger
e2freefrag pure-authd
e4crypt pure-ftpd-control
e4defrag pure-ftpd-mysql
ebtables pure-ftpd-mysql-virtualchroot
ebtables-nft pure-ftpd-wrapper
ebtables-nft-restore pure-ftpwho
ebtables-nft-save pure-mrtginfo
ebtables-restore pure-quotacheck
ebtables-save pure-uploadscript
escapesrc pwck
faillock pwconv
fdformat pwunconv
filefrag qmqp-sink
firewalld qmqp-source
genccode qshape
gencmn readprofile
genl remove-default-ispell
gennorm2 remove-default-wordlist
gensprep remove-shell
groupadd rmail
groupdel rmt
groupmems rmt-tar
groupmod rsyslogd
grpck rtcwake
grpconv safe_finger
grpunconv select-default-ispell
grub-bios-setup select-default-wordlist
grub-install sendmail
grub-macbless service
grub-mkconfig setvesablank
grub-mkdevicemap smtp-sink
grub-probe smtp-source
grub-reboot split-logfile
grub-set-default sshd
httxt2dbm tarcat
iconvconfig tcpd
icupkg tcpdchk
inetd tcpdmatch
invoke-rc.d thermald
ip6tables try-from
ip6tables-apply tzconfig
ip6tables-legacy update-ca-certificates
ip6tables-legacy-restore update-default-aspell
ip6tables-legacy-save update-default-ispell
ip6tables-nft update-default-wordlist
ip6tables-nft-restore update-dictcommon-aspell
ip6tables-nft-save update-dictcommon-hunspell
ip6tables-restore update-grub
ip6tables-restore-translate update-grub2
ip6tables-save update-grub-gfxpayload
ip6tables-translate update-gsfontmap
ipset update-inetd
iptables update-initramfs
iptables-apply update-locale
iptables-legacy update-mime
iptables-legacy-restore update-passwd
iptables-legacy-save update-pciids
iptables-nft update-rc.d
iptables-nft-restore upgrade-from-grub-legacy
iptables-nft-save usbmuxd
iptables-restore useradd
iptables-restore-translate userdel
iptables-save usermod
iptables-translate validlocale
ispell-autobuildhash vcstime
iucode-tool vigr
iucode_tool vipw
ldattach visudo
lfd vpddecode
locale-gen xtables-legacy-multi
logrotate xtables-monitor
make-ssl-cert xtables-nft-multi
mkinitramfs zic
mklost+found

root@:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal
root@:~# ^C
root@**:~# nano /etc/csf/csf.conf
GNU nano 4.8 /etc/csf/csf.conf
###############################################################################

SECTION:Initial Settings

###############################################################################

Testing flag - enables a CRON job that clears iptables incase of

configuration problems when you start csf. This should be enabled until you

are sure that the firewall works - i.e. incase you get locked out of your

server! Then do remember to set it to 0 and restart csf when you’re sure

everything is OK. Stopping csf will remove the line from /etc/crontab

lfd will not start while this is enabled

TESTING = “0”

The interval for the crontab in minutes. Since this uses the system clock the

CRON job will run at the interval past the hour and not from when you issue

the start command. Therefore an interval of 5 minutes means the firewall

will be cleared in 0-5 minutes from the firewall start

TESTING_INTERVAL = “5”

SECURITY WARNING

================

Unfortunately, syslog and rsyslog allow end-users to log messages to some

system logs via the same unix socket that o

RO3B · May 26, 2022, 8:58pm

###############################################################################

SECTION:OS Specific Settings

###############################################################################

Binary locations

IPTABLES = “/usr/sbin/iptables”
IPTABLES_SAVE = “/usr/sbin/iptables-save”
IPTABLES_RESTORE = “/usr/sbin/iptables-restore”
IP6TABLES = “/usr/sbin/ip6tables”
IP6TABLES_SAVE = “/usr/sbin/ip6tables-save”
IP6TABLES_RESTORE = “/usr/sbin/ip6tables-restore”
MODPROBE = “/sbin/modprobe”
IFCONFIG = “/sbin/ifconfig”
SENDMAIL = “/usr/sbin/sendmail”
PS = “/bin/ps”
VMSTAT = “/usr/bin/vmstat”
NETSTAT = “/bin/netstat”
LS = “/bin/ls”
MD5SUM = “/usr/bin/md5sum”
TAR = “/bin/tar”
CHATTR = “/usr/bin/chattr”
UNZIP = “/usr/bin/unzip”
GUNZIP = “/bin/gunzip”
DD = “/bin/dd”
TAIL = “/usr/bin/tail”
GREP = “/bin/grep”
ZGREP = “/usr/bin/zgrep”
IPSET = “/usr/sbin/ipset”
SYSTEMCTL = “/usr/bin/systemctl”
HOST = “/usr/bin/host”
IP = “/sbin/ip”
CURL = “/usr/bin/curl”

kooler · May 26, 2022, 9:01pm

nano /etc/csf/csf.conf
Change these settings back to original as shown below

IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"

Run
rm -rf /sbin/iptables
re-create the symbolic link

ln -s /usr/sbin/iptables /sbin/iptables

Reboot

It should work If it doesn’t try

apt remove iptables
apt autoremove
apt autoclean
apt install iptables
ln -s /usr/sbin/iptables /sbin/iptables
reboot

kooler · May 26, 2022, 9:02pm

Why are you using this path after creating the symbolic link using the ln command. Do as i said.

kooler · May 26, 2022, 9:03pm

Your /sbin/ directory should contain an entry similar to after creating the symbolic link

lrwxrwxrwx  1 root root        18 May 19 07:34 iptables -> /usr/sbin/iptables

RO3B · May 26, 2022, 9:04pm

Okay i’m doing it now, thanks
I will update you soon

RO3B · May 26, 2022, 9:08pm

First method still showing

Error Setting IPTABLES is repeated in /etc/csf/csf.conf - you must remove the duplicates and then restart csf and lfd at /usr/local/csf/lib/ConfigServer/URLGet.pm line 26. Compilation failed in require at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. BEGIN failed–compilation aborted at /usr/local/csf/lib/ConfigServer/DisplayUI.pm line 20. Compilation failed in require at /usr/local/csf/bin/cyberpanel.pl line 14. BEGIN failed–compilation aborted at /usr/local/csf/bin/cyberpanel.pl line 14.

I will try the second method now

kooler · May 26, 2022, 9:09pm

You are doing it wrong. Read the ERRORS
LOOK

Error Setting IPTABLES is repeated in /etc/csf/csf.conf - you must remove the duplicates and then

Why duplicating the Entries?

kooler · May 26, 2022, 9:10pm

Remove these

IPTABLES = “/usr/sbin/iptables”
IPTABLES_SAVE = “/usr/sbin/iptables-save”
IPTABLES_RESTORE = “/usr/sbin/iptables-restore”
IP6TABLES = “/usr/sbin/ip6tables”
IP6TABLES_SAVE = “/usr/sbin/ip6tables-save”
IP6TABLES_RESTORE = “/usr/sbin/ip6tables-restore”

Add

IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"

Follow step 1 properly.

RO3B · May 26, 2022, 9:11pm

I Haven’t duplicated anything
Please check the screenshot
the same picture is showing since i installed cyber panel and tried to access :8090/configservercsf/