Want more timely Centmin Mod News Updates?
Become a Member

CSF Rsync not working with csf enabled

Discussion in 'Other Centmin Mod Installed software' started by pamamolf, Jun 5, 2016.

  1. YuchiRO

    YuchiRO Member

    100
    6
    18
    Jan 12, 2015
    Ratings:
    +8
    Local Time:
    11:58 AM
    5.5.4
    1. check for clues in /var/log/lfd.log and /var/log/messages for your servers ips related entries

    ldf dont show any ip relate both server
    message show blocked ip but it's yesterday, today i try rsync comand again and dont see any blocked as yesterday.

    2. check if either server ips are blocked in respective csf firewall via grep command

    Server 2
    Code:
    csf -g 1.1.1.1
    
    Chain            num   pkts bytes target     prot opt in     out     source               destination
    
    ALLOWIN          1        0     0 ACCEPT     tcp  --  !lo    *       1.1.1.1       0.0.0.0/0            tcp dpt:2222
    
    ALLOWOUT         1        0     0 ACCEPT     tcp  --  *      !lo     1.1.1.1       0.0.0.0/0            tcp dpt:1111
    
    IPSET: No matches found for 1.1.1.1
    
    
    ip6tables:
    
    Chain            num   pkts bytes target     prot opt in     out     source               destination
    No matches found for 1.1.1.1 in ip6tables
    
    Server 1
    Code:
     csf -g 2.2.2.2
    
    Chain            num   pkts bytes target     prot opt in     out     source               destination
    
    ALLOWIN          1        0     0 ACCEPT     tcp  --  !lo    *       2.2.2.2       0.0.0.0/0            tcp dpt:1111
    
    ALLOWOUT         1        0     0 ACCEPT     tcp  --  *      !lo     2.2.2.2       0.0.0.0/0            tcp dpt:2222
    
    IPSET: No matches found for 2.2.2.2
    
    
    ip6tables:
    
    Chain            num   pkts bytes target     prot opt in     out     source               destination
    No matches found for 2.2.2.2 in ip6tables
    

    Yes, i added to both server.
     
  2. eva2000

    eva2000 Administrator Staff Member

    44,742
    10,200
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,809
    Local Time:
    2:58 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    if they were added properly the server ips will show up in csf -g ipaddr output

    looks like they'd not
     
  3. eva2000

    eva2000 Administrator Staff Member

    44,742
    10,200
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,809
    Local Time:
    2:58 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    what if you just whitelist ip ?
    Code (Text):
    csf -a ipaddr
    
     
  4. YuchiRO

    YuchiRO Member

    100
    6
    18
    Jan 12, 2015
    Ratings:
    +8
    Local Time:
    11:58 AM
    5.5.4

    when i add ip with this command

    Code:
    Adding 1.1.1.1 to csf.allow and iptables ACCEPT...
    csf: IPSET adding [1.1.1.1] to set [chain_ALLOW]
    
     
  5. eva2000

    eva2000 Administrator Staff Member

    44,742
    10,200
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,809
    Local Time:
    2:58 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    yes that means properly whitelisted ip

    then try rsync

    ensure custom sshd port is in /etc/csf/csf.conf TCP_IN/TCP_OUT and TCP6_IN/TCP6_OUT comma separated list of whitelisted ports on both servers
     
  6. YuchiRO

    YuchiRO Member

    100
    6
    18
    Jan 12, 2015
    Ratings:
    +8
    Local Time:
    11:58 AM
    5.5.4
    Thanks, work like charm.
     
  7. eva2000

    eva2000 Administrator Staff Member

    44,742
    10,200
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,809
    Local Time:
    2:58 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    guess the other method has issues which is strange, worked for me
     
  8. Meirami

    Meirami Member

    146
    24
    18
    Dec 21, 2017
    Ratings:
    +57
    Local Time:
    7:58 AM
    This is really old thread, but still usefull. I'd like to share my way to do this.
    I rsynced between 2 dedicated ipv4s, so I think it's ok to open all ports.
    Server1 cfs -ta server2IP 'time in seconds'
    Server2 csf -ta server1IP 'time in seconds'
    *Time is how long rule is active

    After this, I scratched my head for a while.
    No connection.
    Until I remembered. I didn't use correct port.
    So, on server1 rsync 'server2 sshport' and rsync is connected.