Join the community today
Register Now

CSF CMM user: What's your current value for "USE_CONNTRACK" ?

Discussion in 'Centmin Mod Insights' started by rdan, Mar 7, 2016.

  1. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:53 AM
    Mainline
    10.2
    Config located on: /etc/csf/csf.conf
    I'm confuse why is it my default install OVH server has different value than other servers I have.


     
  2. eva2000

    eva2000 Administrator Staff Member

    53,533
    12,134
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,677
    Local Time:
    1:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    CSF only enables USE_CONNTRACK when Linux 3.7+ Kernels are detected so yes it varies depending on your Linux kernel version. I think only Linode is only provider with CentOS 6 and 7 defaulting to Linux 4.4 Kernels right now.
     
  3. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:53 AM
    Mainline
    10.2
    Even all my Linode CentOS server has 0 value/disabled.
     
  4. eva2000

    eva2000 Administrator Staff Member

    53,533
    12,134
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,677
    Local Time:
    1:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    strange then my Linodes have it enabled

    CSF changelog for v5.78 which is ancient
    edit: okay my CentOS 6 Linode has it enabled, my CentOS 7 have it disabled

    might need to ask on CSF support forums ConfigServer Community Forum - Index page
     
  5. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:53 AM
    Mainline
    10.2
    And I think when this is enabled on unknwon reason it cause me some issue.
    Like:
    • Can't use Akismet, always giving timeout error on server error log (posting takes a minute to succesfully post) / After I have it disabed I don't have this issue anymore so my assumption is 99% correct here)
    • Saving some option on XF admin takes 1 minute to load
    • Some weird issue happen sometimes loading a page takes forever without loading successfully, unless I stop and hit the link again and it loads fine (I have seen this issue also by some user's here).
    I'll observe my forum again on new OVH server, If I will not encounter those issue again then this single option on CSF is a massive messed that can cause some big issue.
     
  6. eva2000

    eva2000 Administrator Staff Member

    53,533
    12,134
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,677
    Local Time:
    1:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    sounds like nf_conntrack limit being hit, you can disable it USE_CONNTRACK = "0" in /etc/csf/csf.conf and restart csf service.
     
  7. rdan

    rdan Well-Known Member

    5,439
    1,398
    113
    May 25, 2014
    Ratings:
    +2,187
    Local Time:
    11:53 AM
    Mainline
    10.2
    I track this down, and I can say it's Cloudflare that prevents me from saving XF Spam Admin Options since I have 40+ spam keyword there.
    I added /admin.php on CF Page rules and problem solved.
     
  8. eva2000

    eva2000 Administrator Staff Member

    53,533
    12,134
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,677
    Local Time:
    1:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    interesting indeed !