Setting CSF Pada VPS OpenVZ

Agar CSF dapat berkerja sempurna pada CSF (ConfigServer Firewall) maka konfigurasi OpenVZ harus diubah sbb:

# nano /etc/vz/vz.conf

IPTABLES=”ipt_REDIRECT ipt_owner ipt_recent iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc”

Kemudian restart VPS tersebut.

Note, all modules:

iptable_filter, iptable_mangle, ipt_limit, ipt_multiport, ipt_tos, ipt_TOS, ipt_REJECT, ipt_TCPMSS, ipt_tcpmss, ipt_ttl, ipt_LOG, ipt_length, ip_conntrack, ip_conntrack_ftp, ip_conntrack_irc, ipt_conntrack, ipt_state, ipt_helper, iptable_nat, ip_nat_ftp, ip_nat_irc, ipt_REDIRECT, xt_mac, ipt_recent, ipt_owner.

PENTING:

Pada versi baru OVZ option iptables sudah obsoleted, diganti dengan --netfilter. Silahkan baca detailnya sbb: http://openvz.org/Man/vzctl.8#Netfilter_.28iptables.29_control_parameters

 

 

UNINSTALL CSF

Dalam beberapa kasus CSF perlu di-uninstall dahulu sbb:
cd /etc/csf

sh uninstall.sh

Tags: