Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@server1:/csf# perl csftest.pl
- Testing ip_tables/iptable_filter...OK
- Testing ipt_LOG...OK
- Testing ipt_multiport/xt_multiport...OK
- Testing ipt_REJECT...OK
- Testing ipt_state/xt_state...OK
- Testing ipt_limit/xt_limit...OK
- Testing ipt_recent...OK
- Testing xt_connlimit...FAILED [Error: iptables: Invalid argument. Run `dmesg' for more i
- nformation.] - Required for CONNLIMIT feature
- Testing ipt_owner/xt_owner...OK
- Testing iptable_nat/ipt_REDIRECT...OK
- RESULT: csf will function on this server but some features will not work due to some mis
- sing iptables modules [1]
- ------------------------
- root@server1:/# csf -s
- Flushing chain `INPUT'
- Flushing chain `FORWARD'
- Flushing chain `OUTPUT'
- Flushing chain `INPUT'
- Flushing chain `FORWARD'
- Flushing chain `OUTPUT'
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:67
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:67
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:67
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:67
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:68
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:68
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:68
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:68
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:111
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:111
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:111
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:111
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:113
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:113
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:113
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:113
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpts:135:139
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpts:135:139
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpts:135:139
- DROP udp opt in * out * ::/0 -> ::/0 udp dpts:135:139
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:445
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:445
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:445
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:445
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:500
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:500
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:500
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:500
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:513
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:513
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:513
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:513
- DROP tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:520
- DROP udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:520
- DROP tcp opt in * out * ::/0 -> ::/0 tcp dpt:520
- DROP udp opt in * out * ::/0 -> ::/0 udp dpt:520
- LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags
- 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
- LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags
- 0 level 4 prefix `Firewall: *TCP_OUT Blocked* '
- LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags
- 0 level 4 prefix `Firewall: *UDP_IN Blocked* '
- LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags
- 0 level 4 prefix `Firewall: *UDP_OUT Blocked* '
- LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flag
- s 0 level 4 prefix `Firewall: *ICMP_IN Blocked* '
- LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flag
- s 0 level 4 prefix `Firewall: *ICMP_OUT Blocked* '
- ip6tables: No chain/target/match by that name.
- LOG tcp opt in * out * ::/0 -> ::/0 limit: avg 30/min burst 5 LOG flags 0 level 4
- prefix `Firewall: *TCP6IN Blocked* '
- Error: ip6tables command [/sbin/ip6tables -v -A LOGDROPIN -p tcp -m limit --limit 30/m
- --limit-burst 5 -j LOG --log-prefix 'Firewall: *TCP6IN Blocked* '] failed, you appear to
- be missing a required ip6tables module, at line 519
- root@server1:/#
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement