Author Topic: Firewall Disabled (CSF cannot be started suddenly)  (Read 11014 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Firewall Disabled (CSF cannot be started suddenly)
« on: December 04, 2021, 01:01:10 PM »
Quote
[root@ares ~]# systemctl status lfd.service
● lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2021-12-04 13:51:45 CET; 3min 59s ago

Dec 04 13:51:45 **********.com systemd[1]: Starting ConfigServer Firewall & Security - lfd...
Dec 04 13:51:45 **********.com systemd[1]: lfd.service: control process exited, code=exited status=203
Dec 04 13:51:45 **********.com systemd[1]: Failed to start ConfigServer Firewall & Security - lfd.
Dec 04 13:51:45 **********.com systemd[1]: Unit lfd.service entered failed state.
Dec 04 13:51:45 **********.com systemd[1]: lfd.service failed.
[root@ares ~]# systemctl start lfd.service
Job for lfd.service failed because the control process exited with error code. See "systemctl status lfd.service" and "journalctl -xe" for details.
[root@ares ~]# systemctl status lfd.service
● lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2021-12-04 13:55:55 CET; 5s ago
  Process: 4170 ExecStart=/usr/sbin/lfd (code=exited, status=203/EXEC)

Dec 04 13:55:55 **********.com systemd[1]: Starting ConfigServer Firewall & Security - lfd...
Dec 04 13:55:55 **********.com systemd[1]: lfd.service: control process exited, code=exited status=203
Dec 04 13:55:55 **********.com systemd[1]: Failed to start ConfigServer Firewall & Security - lfd.
Dec 04 13:55:55 **********.com systemd[1]: Unit lfd.service entered failed state.
Dec 04 13:55:55 **********.com systemd[1]: lfd.service failed.

I have an email "Upgrading csf from v14.14 to 14.15..." and looks like it was successful, so i have no idea why it stopped working suddenly.. Please help.

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #1 on: December 04, 2021, 02:49:48 PM »
restart configserver firewall left menu in cwp panel maybe sett it up all give a try

csf -uf

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #2 on: December 04, 2021, 02:51:51 PM »
Nothing happens. csf commands have no effect at all, nothing literally happens

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #3 on: December 04, 2021, 03:43:10 PM »
Any idea what to do to fix it? I really need to fix it asap guys..

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #4 on: December 04, 2021, 09:57:58 PM »
Can someone please assist me to re-install CSF if i have to, in order to fix the issue? I am really desperate right now.

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #5 on: December 05, 2021, 08:24:57 PM »
try to check lfd logs or try starting it manually by checking how its started in systemd
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #6 on: December 05, 2021, 08:34:05 PM »
try to check lfd logs or try starting it manually by checking how its started in systemd

Would you please give me some more information on what exactly logs to give you and how to get them? What do you mean by starting it manually?

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #7 on: December 05, 2021, 09:26:23 PM »
I checked the logs actually, everything seems fine, it's just that LFD/CSF suddenly stops working and i can't even find the reason for that..

Quote
Dec  5 22:21:55 ares systemd: Starting ConfigServer Firewall & Security - lfd...
Dec  5 22:21:55 ares systemd: Failed at step EXEC spawning /usr/sbin/lfd: Exec format error
Dec  5 22:21:55 ares systemd: lfd.service: control process exited, code=exited status=203
Dec  5 22:21:55 ares systemd: Failed to start ConfigServer Firewall & Security - lfd.
Dec  5 22:21:55 ares systemd: Unit lfd.service entered failed state.
Dec  5 22:21:55 ares systemd: lfd.service failed.
Dec  5 22:28:10 ares named[902]: client @0x7f77940d42f0 70.70.70.5#80 (sl): query (cache) 'sl/ANY/IN' denied
Dec  5 22:28:10 ares named[902]: client @0x7f77940d42f0 70.70.70.5#80 (sl): query (cache) 'sl/ANY/IN' denied
Dec  5 22:28:10 ares named[902]: client @0x7f77940e2a90 70.70.70.5#80 (sl): query (cache) 'sl/ANY/IN' denied
Dec  5 22:28:11 ares named[902]: client @0x7f77940e2a90 70.70.70.5#80 (sl): query (cache) 'sl/ANY/IN' denied
Dec  5 22:28:11 ares named[902]: client @0x7f77940d42f0 70.70.70.5#80 (sl): query (cache) 'sl/ANY/IN' denied
Dec  5 22:28:11 ares named[902]: client @0x7f77940d42f0 70.70.70.5#80 (sl): query (cache) 'sl/ANY/IN' denied
« Last Edit: December 05, 2021, 09:29:51 PM by Radical Redemption »

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #8 on: December 06, 2021, 06:25:50 AM »
you need to check the correct log file for the service you are testing.
each service has a startup command defined in the systemd so by checking lfd service file you can find that line and try it manually from ssh

but you will probably need to check it with some experienced sysadmin or cwp support if you don't know how to manually configure/reinstall CSF and set correct log paths.
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #9 on: December 06, 2021, 07:38:04 AM »
Well, I would really need some help with re-installing or fixing CSF/LFD firewall as I don't have the knowledge to make correct configurations after reinstalling it to be able to work with CWP.

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #10 on: December 09, 2021, 02:22:19 PM »
So, nobody can assist me with re-installing the CSF/LFD for CWP?

Offline
***
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #11 on: December 09, 2021, 10:46:16 PM »
I had problems with upgraded csf yesterday, in temp bans.

What output you have for the following command?:
Code: [Select]
csf -r
If you have problems too with temp bans, check your file: /var/lib/csf/csf.tempban

The format of this file must be:
$time|$ip|$port|$inout|$timeout|$message

If you see something strange there, correct it, and restart your firewall.
Code: [Select]
csf -r
Regards,
Netino

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #12 on: December 10, 2021, 07:38:05 AM »
I had problems with upgraded csf yesterday, in temp bans.

What output you have for the following command?:
Code: [Select]
csf -r
If you have problems too with temp bans, check your file: /var/lib/csf/csf.tempban

The format of this file must be:
$time|$ip|$port|$inout|$timeout|$message

If you see something strange there, correct it, and restart your firewall.
Code: [Select]
csf -r
Regards,
Netino

I have an issue with the CSF/LFD not starting at all..

However, I have installed a whole new server and the CSF there is running well, but it is not banning anything. The file /var/lib/csf/csf.tempban is empty
« Last Edit: December 10, 2021, 07:41:49 AM by Radical Redemption »

Offline
***
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #13 on: December 10, 2021, 11:18:39 PM »
(...)
However, I have installed a whole new server and the CSF there is running well, but it is not banning anything. The file /var/lib/csf/csf.tempban is empty

The file csf.tempban is just for temp bans.
Did you try to temp block any address, or permanent block?

Offline
*
Re: Firewall Disabled (CSF cannot be started suddenly)
« Reply #14 on: December 11, 2021, 07:40:52 AM »
(...)
However, I have installed a whole new server and the CSF there is running well, but it is not banning anything. The file /var/lib/csf/csf.tempban is empty

The file csf.tempban is just for temp bans.
Did you try to temp block any address, or permanent block?

Nevermind, I misunderstood this issue. However, I really need some help with re-installing CSF/LFD on my old server.