File: //var/log/sentinel_migration_2025-10-28-135305.log
== Migración CSF → Sentinel (Ubuntu) ==
Log: /var/log/sentinel_migration_2025-10-28-135305.log
[*] Creando backup en: /var/backups/csf-2025-10-28-135305
tar: Removing leading `/' from member names
/etc/csf/
/etc/csf/csf.dirwatch
/etc/csf/csf.smtpauth
/etc/csf/csf.syslogusers
/etc/csf/regex.custom.pm
/etc/csf/install.txt
/etc/csf/csf.redirect
/etc/csf/csfwebmin.tgz
/etc/csf/csf.resellers
/etc/csf/csf.suignore
/etc/csf/readme.txt
/etc/csf/csf.signore
/etc/csf/uninstall.sh
/etc/csf/csf.ignore
/etc/csf/csftest.pl
/etc/csf/csf.sips
/etc/csf/csf.blocklists
/etc/csf/csf.logignore
/etc/csf/alerts
/etc/csf/csf.blocklists.new
/etc/csf/csf.rblconf
/etc/csf/csf.mignore
/etc/csf/csf.rignore
/etc/csf/pt_deleted_action.pl
/etc/csf/remove_apf_bfd.sh
/etc/csf/csf.cloudflare
/etc/csf/csf.logfiles
/etc/csf/csf.allow
/etc/csf/changelog.txt
/etc/csf/version.txt
/etc/csf/csf.fignore
/etc/csf/license.txt
/etc/csf/messenger/
/etc/csf/messenger/index.php
/etc/csf/messenger/index.html
/etc/csf/messenger/index.recaptcha.php
/etc/csf/messenger/index.text
/etc/csf/messenger/index.recaptcha.html
/etc/csf/messenger/en.php
/etc/csf/csf.dyndns
/etc/csf/csf.deny
/etc/csf/downloadservers
/etc/csf/csf.pignore
/etc/csf/webmin
/etc/csf/ui/
/etc/csf/ui/server.crt
/etc/csf/ui/images/
/etc/csf/ui/images/loader.gif
/etc/csf/ui/images/configserver.css
/etc/csf/ui/images/bootstrap/
/etc/csf/ui/images/bootstrap/css/
/etc/csf/ui/images/bootstrap/css/bootstrap.min.css
/etc/csf/ui/images/bootstrap/css/bootstrap.min.css.map
/etc/csf/ui/images/bootstrap/fonts/
/etc/csf/ui/images/bootstrap/fonts/glyphicons-halflings-regular.ttf
/etc/csf/ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff2
/etc/csf/ui/images/bootstrap/fonts/glyphicons-halflings-regular.svg
/etc/csf/ui/images/bootstrap/fonts/glyphicons-halflings-regular.eot
/etc/csf/ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff
/etc/csf/ui/images/bootstrap/js/
/etc/csf/ui/images/bootstrap/js/bootstrap.min.js
/etc/csf/ui/images/chosen-sprite.png
/etc/csf/ui/images/reseller_icon.svg
/etc/csf/ui/images/bootstrap-switch.min.js
/etc/csf/ui/images/chosen.jquery.min.js
/etc/csf/ui/images/csf_small.png
/etc/csf/ui/images/csf.svg
/etc/csf/ui/images/csf-loader.gif
/etc/csf/ui/images/admin_icon.svg
/etc/csf/ui/images/bootstrap-switch.min.css
/etc/csf/ui/images/jquery.min.js
/etc/csf/ui/images/chosen.min.css
/etc/csf/ui/images/chosen.min.js
/etc/csf/ui/images/bootstrap-chosen.css
/etc/csf/ui/images/LICENSE.txt
/etc/csf/ui/images/bootstrap.confirm.js
/etc/csf/ui/images/chosen-sprite@2x.png
/etc/csf/ui/ui.allow
/etc/csf/ui/server.key
/etc/csf/ui/ui.ban
/etc/csf/csf.uidignore
/etc/csf/csf.syslogs
/etc/csf/lfd.pl
/etc/csf/csf.conf
/etc/csf/csf.pl
[*] Backup listo:
total 504K
drwxr-xr-x 2 root root 4.0K Oct 28 13:53 .
drwxr-xr-x 3 root root 4.0K Oct 28 13:53 ..
-rw-r--r-- 1 root root 475K Oct 28 13:53 etc-csf.tgz
-rw-r--r-- 1 root root 8.0K Oct 28 13:53 iptables-save.txt
-rw-r--r-- 1 root root 12K Oct 28 13:53 nftables.rules
[*] Instalando dependencias necesarias…
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Get:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [128 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-security InRelease [129 kB]
Hit:4 https://ppa.launchpadcontent.net/ondrej/php/ubuntu jammy InRelease
Hit:5 https://software.virtualmin.com/vm/7/gpl/apt virtualmin InRelease
Get:6 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 c-n-f Metadata [19.0 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 c-n-f Metadata [29.8 kB]
Get:8 http://archive.ubuntu.com/ubuntu jammy-security/main amd64 c-n-f Metadata [13.9 kB]
Get:9 http://archive.ubuntu.com/ubuntu jammy-security/universe amd64 c-n-f Metadata [22.4 kB]
Fetched 342 kB in 1s (423 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
ipset is already the newest version (7.15-1build1).
ipset set to manually installed.
lsb-release is already the newest version (11.1.0ubuntu4).
curl is already the newest version (7.81.0-1ubuntu1.21).
perl is already the newest version (5.34.0-3ubuntu1.5).
perl set to manually installed.
tar is already the newest version (1.34+dfsg-1ubuntu0.1.22.04.2).
unzip is already the newest version (6.0-26ubuntu3.2).
wget is already the newest version (1.21.2-2ubuntu1.1).
0 upgraded, 0 newly installed, 0 to remove and 35 not upgraded.
Reading package lists...
Building dependency tree...
Reading state information...
libio-socket-ssl-perl is already the newest version (2.074-2).
libio-socket-ssl-perl set to manually installed.
libsocket6-perl is already the newest version (0.29-1build4).
libsocket6-perl set to manually installed.
The following NEW packages will be installed:
libio-socket-inet6-perl libnet-libidn-perl
0 upgraded, 2 newly installed, 0 to remove and 35 not upgraded.
Need to get 33.1 kB of archives.
After this operation, 115 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu jammy/main amd64 libio-socket-inet6-perl all 2.73-1 [14.7 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/main amd64 libnet-libidn-perl amd64 0.12.ds-3build6 [18.4 kB]
[master 1e05d2aa75] saving uncommitted changes in /etc prior to apt run
42 files changed, 211 insertions(+), 211 deletions(-)
Fetched 33.1 kB in 0s (764 kB/s)
Selecting previously unselected package libio-socket-inet6-perl.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 129905 files and directories currently installed.)
Preparing to unpack .../libio-socket-inet6-perl_2.73-1_all.deb ...
Unpacking libio-socket-inet6-perl (2.73-1) ...
Selecting previously unselected package libnet-libidn-perl.
Preparing to unpack .../libnet-libidn-perl_0.12.ds-3build6_amd64.deb ...
Unpacking libnet-libidn-perl (0.12.ds-3build6) ...
Setting up libio-socket-inet6-perl (2.73-1) ...
Setting up libnet-libidn-perl (0.12.ds-3build6) ...
Processing triggers for man-db (2.10.2-1) ...
Reading package lists...
Building dependency tree...
Reading state information...
nftables is already the newest version (1.0.2-1ubuntu3).
nftables set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 35 not upgraded.
[*] Whitelist temporal de tu IP 87.98.225.137 en CSF (para no perder SSH)…
add failed: 87.98.225.137 is one of this servers addresses!
[*] Comprobando otros firewalls…
Status: inactive
Firewall stopped and disabled on system startup
[*] Detectado CSF instalado. Procedo con instalación/upgrade a Sentinel (conservando /etc/csf)…
[*] Descargando Sentinel…
--2025-10-28 13:53:31-- https://github.com/sentinelfirewall/sentinel/raw/refs/heads/main/csf.tgz
Resolving github.com (github.com)... 140.82.121.3
Connecting to github.com (github.com)|140.82.121.3|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://raw.githubusercontent.com/sentinelfirewall/sentinel/refs/heads/main/csf.tgz [following]
--2025-10-28 13:53:32-- https://raw.githubusercontent.com/sentinelfirewall/sentinel/refs/heads/main/csf.tgz
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.111.133, 185.199.108.133, 185.199.109.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.111.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2226543 (2.1M) [application/octet-stream]
Saving to: ‘/usr/src/sentinel_2025-10-28-135305/csf.tgz’
0K .......... .......... .......... .......... .......... 2% 15.4M 0s
50K .......... .......... .......... .......... .......... 4% 35.0M 0s
100K .......... .......... .......... .......... .......... 6% 20.2M 0s
150K .......... .......... .......... .......... .......... 9% 95.6M 0s
200K .......... .......... .......... .......... .......... 11% 85.7M 0s
250K .......... .......... .......... .......... .......... 13% 21.4M 0s
300K .......... .......... .......... .......... .......... 16% 193M 0s
350K .......... .......... .......... .......... .......... 18% 117M 0s
400K .......... .......... .......... .......... .......... 20% 126M 0s
450K .......... .......... .......... .......... .......... 22% 343M 0s
500K .......... .......... .......... .......... .......... 25% 34.2M 0s
550K .......... .......... .......... .......... .......... 27% 57.4M 0s
600K .......... .......... .......... .......... .......... 29% 217M 0s
650K .......... .......... .......... .......... .......... 32% 277M 0s
700K .......... .......... .......... .......... .......... 34% 304M 0s
750K .......... .......... .......... .......... .......... 36% 208M 0s
800K .......... .......... .......... .......... .......... 39% 126M 0s
850K .......... .......... .......... .......... .......... 41% 363M 0s
900K .......... .......... .......... .......... .......... 43% 227M 0s
950K .......... .......... .......... .......... .......... 45% 458M 0s
1000K .......... .......... .......... .......... .......... 48% 51.7M 0s
1050K .......... .......... .......... .......... .......... 50% 200M 0s
1100K .......... .......... .......... .......... .......... 52% 81.2M 0s
1150K .......... .......... .......... .......... .......... 55% 227M 0s
1200K .......... .......... .......... .......... .......... 57% 92.9M 0s
1250K .......... .......... .......... .......... .......... 59% 220M 0s
1300K .......... .......... .......... .......... .......... 62% 46.7M 0s
1350K .......... .......... .......... .......... .......... 64% 399M 0s
1400K .......... .......... .......... .......... .......... 66% 332M 0s
1450K .......... .......... .......... .......... .......... 68% 358M 0s
1500K .......... .......... .......... .......... .......... 71% 230M 0s
1550K .......... .......... .......... .......... .......... 73% 313M 0s
1600K .......... .......... .......... .......... .......... 75% 456M 0s
1650K .......... .......... .......... .......... .......... 78% 449M 0s
1700K .......... .......... .......... .......... .......... 80% 460M 0s
1750K .......... .......... .......... .......... .......... 82% 407M 0s
1800K .......... .......... .......... .......... .......... 85% 428M 0s
1850K .......... .......... .......... .......... .......... 87% 460M 0s
1900K .......... .......... .......... .......... .......... 89% 456M 0s
1950K .......... .......... .......... .......... .......... 91% 387M 0s
2000K .......... .......... .......... .......... .......... 94% 348M 0s
2050K .......... .......... .......... .......... .......... 96% 385M 0s
2100K .......... .......... .......... .......... .......... 98% 461M 0s
2150K .......... .......... .... 100% 456M=0.02s
2025-10-28 13:53:32 (99.4 MB/s) - ‘/usr/src/sentinel_2025-10-28-135305/csf.tgz’ saved [2226543/2226543]
[*] Ejecutando install.sh…
Selecting installer...
Running csf generic installer
Installing generic csf and lfd
Check we're running as root
mkdir: cannot create directory ‘/etc/csf’: File exists
'install.txt' -> '/etc/csf/install.txt'
Checking Perl modules...
Configuration modified to use iptables-nft
Configuration modified to use ip6tables-nft
Configuration modified for Debian/Ubuntu/Gentoo settings /etc/csf/csf.conf
...Perl modules OK
mkdir: cannot create directory ‘/etc/csf’: File exists
mkdir: cannot create directory ‘/var/lib/csf’: File exists
mkdir: cannot create directory ‘/var/lib/csf/backup’: File exists
mkdir: cannot create directory ‘/var/lib/csf/Geo’: File exists
mkdir: cannot create directory ‘/var/lib/csf/ui’: File exists
mkdir: cannot create directory ‘/var/lib/csf/stats’: File exists
mkdir: cannot create directory ‘/var/lib/csf/lock’: File exists
mkdir: cannot create directory ‘/var/lib/csf/webmin’: File exists
mkdir: cannot create directory ‘/var/lib/csf/zone’: File exists
mkdir: cannot create directory ‘/usr/local/csf’: File exists
mkdir: cannot create directory ‘/usr/local/csf/bin’: File exists
mkdir: cannot create directory ‘/usr/local/csf/lib’: File exists
mkdir: cannot create directory ‘/usr/local/csf/tpl’: File exists
'csf.blocklists' -> '/etc/csf/csf.blocklists.new'
'loadalert.txt' -> '/usr/local/csf/tpl/loadalert.txt.new'
'x-arf.txt' -> '/usr/local/csf/tpl/./x-arf.txt'
'csf.pl' -> '/usr/sbin/csf'
'lfd.pl' -> '/usr/sbin/lfd'
'/etc/csf/csf.pl' -> '/usr/sbin/csf'
'/etc/csf/lfd.pl' -> '/usr/sbin/lfd'
'/etc/csf/csftest.pl' -> '/usr/local/csf/bin/csftest.pl'
'/etc/csf/pt_deleted_action.pl' -> '/usr/local/csf/bin/pt_deleted_action.pl'
'/etc/csf/remove_apf_bfd.sh' -> '/usr/local/csf/bin/remove_apf_bfd.sh'
'/etc/csf/uninstall.sh' -> '/usr/local/csf/bin/uninstall.sh'
'/etc/csf/regex.custom.pm' -> '/usr/local/csf/bin/regex.custom.pm'
'/etc/csf/webmin' -> '/usr/local/csf/lib/webmin'
mkdir: cannot create directory ‘webmin/csf/images’: File exists
mkdir: cannot create directory ‘ui/images’: File exists
mkdir: cannot create directory ‘da/images’: File exists
mkdir: cannot create directory ‘interworx/images’: File exists
'csf/LICENSE.txt' -> 'webmin/csf/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'webmin/csf/images/admin_icon.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/css/bootstrap.min.css' -> 'webmin/csf/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'webmin/csf/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/js/bootstrap.min.js' -> 'webmin/csf/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'webmin/csf/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'webmin/csf/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'webmin/csf/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'webmin/csf/images/chosen.min.css'
'csf/chosen.min.js' -> 'webmin/csf/images/chosen.min.js'
'csf/configserver.css' -> 'webmin/csf/images/configserver.css'
'csf/csf-loader.gif' -> 'webmin/csf/images/csf-loader.gif'
'csf/csf.svg' -> 'webmin/csf/images/csf.svg'
'csf/csf_small.png' -> 'webmin/csf/images/csf_small.png'
'csf/jquery.min.js' -> 'webmin/csf/images/jquery.min.js'
'csf/loader.gif' -> 'webmin/csf/images/loader.gif'
'csf/reseller_icon.svg' -> 'webmin/csf/images/reseller_icon.svg'
'csf/LICENSE.txt' -> 'ui/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'ui/images/admin_icon.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/css/bootstrap.min.css' -> 'ui/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'ui/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/js/bootstrap.min.js' -> 'ui/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'ui/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'ui/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'ui/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'ui/images/chosen.min.css'
'csf/chosen.min.js' -> 'ui/images/chosen.min.js'
'csf/configserver.css' -> 'ui/images/configserver.css'
'csf/csf-loader.gif' -> 'ui/images/csf-loader.gif'
'csf/csf.svg' -> 'ui/images/csf.svg'
'csf/csf_small.png' -> 'ui/images/csf_small.png'
'csf/jquery.min.js' -> 'ui/images/jquery.min.js'
'csf/loader.gif' -> 'ui/images/loader.gif'
'csf/reseller_icon.svg' -> 'ui/images/reseller_icon.svg'
'csf/LICENSE.txt' -> 'da/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'da/images/admin_icon.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/css/bootstrap.min.css' -> 'da/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'da/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/js/bootstrap.min.js' -> 'da/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'da/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'da/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'da/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'da/images/chosen.min.css'
'csf/chosen.min.js' -> 'da/images/chosen.min.js'
'csf/configserver.css' -> 'da/images/configserver.css'
'csf/csf-loader.gif' -> 'da/images/csf-loader.gif'
'csf/csf.svg' -> 'da/images/csf.svg'
'csf/csf_small.png' -> 'da/images/csf_small.png'
'csf/jquery.min.js' -> 'da/images/jquery.min.js'
'csf/loader.gif' -> 'da/images/loader.gif'
'csf/reseller_icon.svg' -> 'da/images/reseller_icon.svg'
'csf/LICENSE.txt' -> 'interworx/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'interworx/images/admin_icon.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/css/bootstrap.min.css' -> 'interworx/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'interworx/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/js/bootstrap.min.js' -> 'interworx/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'interworx/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'interworx/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'interworx/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'interworx/images/chosen.min.css'
'csf/chosen.min.js' -> 'interworx/images/chosen.min.js'
'csf/configserver.css' -> 'interworx/images/configserver.css'
'csf/csf-loader.gif' -> 'interworx/images/csf-loader.gif'
'csf/csf.svg' -> 'interworx/images/csf.svg'
'csf/csf_small.png' -> 'interworx/images/csf_small.png'
'csf/jquery.min.js' -> 'interworx/images/jquery.min.js'
'csf/loader.gif' -> 'interworx/images/loader.gif'
'csf/reseller_icon.svg' -> 'interworx/images/reseller_icon.svg'
'messenger/en.php' -> '/etc/csf/messenger/en.php'
'messenger/index.php' -> '/etc/csf/messenger/index.php'
'messenger/index.recaptcha.php' -> '/etc/csf/messenger/index.recaptcha.php'
'uninstall.generic.sh' -> '/usr/local/csf/bin/uninstall.sh'
'csftest.pl' -> '/usr/local/csf/bin/csftest.pl'
'remove_apf_bfd.sh' -> '/usr/local/csf/bin/remove_apf_bfd.sh'
'readme.txt' -> '/etc/csf/readme.txt'
'sanity.txt' -> '/usr/local/csf/lib/sanity.txt'
'csf.rbls' -> '/usr/local/csf/lib/csf.rbls'
'restricted.txt' -> '/usr/local/csf/lib/restricted.txt'
'changelog.txt' -> '/etc/csf/changelog.txt'
'downloadservers' -> '/etc/csf/downloadservers'
'install.txt' -> '/etc/csf/install.txt'
'version.txt' -> '/etc/csf/version.txt'
'license.txt' -> '/etc/csf/license.txt'
'webmin/csf/module.info' -> '/usr/local/csf/lib/webmin/csf/module.info'
'webmin/csf/index.cgi' -> '/usr/local/csf/lib/webmin/csf/index.cgi'
'webmin/csf/images/LICENSE.txt' -> '/usr/local/csf/lib/webmin/csf/images/LICENSE.txt'
'webmin/csf/images/jquery.min.js' -> '/usr/local/csf/lib/webmin/csf/images/jquery.min.js'
'webmin/csf/images/csf-loader.gif' -> '/usr/local/csf/lib/webmin/csf/images/csf-loader.gif'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.svg' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.eot' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'webmin/csf/images/bootstrap/css/bootstrap.min.css' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/css/bootstrap.min.css'
'webmin/csf/images/bootstrap/css/bootstrap.min.css.map' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/css/bootstrap.min.css.map'
'webmin/csf/images/bootstrap/js/bootstrap.min.js' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/js/bootstrap.min.js'
'webmin/csf/images/csf_small.png' -> '/usr/local/csf/lib/webmin/csf/images/csf_small.png'
'webmin/csf/images/chosen.min.css' -> '/usr/local/csf/lib/webmin/csf/images/chosen.min.css'
'webmin/csf/images/chosen-sprite@2x.png' -> '/usr/local/csf/lib/webmin/csf/images/chosen-sprite@2x.png'
'webmin/csf/images/reseller_icon.svg' -> '/usr/local/csf/lib/webmin/csf/images/reseller_icon.svg'
'webmin/csf/images/configserver.css' -> '/usr/local/csf/lib/webmin/csf/images/configserver.css'
'webmin/csf/images/loader.gif' -> '/usr/local/csf/lib/webmin/csf/images/loader.gif'
'webmin/csf/images/chosen.min.js' -> '/usr/local/csf/lib/webmin/csf/images/chosen.min.js'
'webmin/csf/images/bootstrap-chosen.css' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap-chosen.css'
'webmin/csf/images/csf.svg' -> '/usr/local/csf/lib/webmin/csf/images/csf.svg'
'webmin/csf/images/chosen-sprite.png' -> '/usr/local/csf/lib/webmin/csf/images/chosen-sprite.png'
'webmin/csf/images/admin_icon.svg' -> '/usr/local/csf/lib/webmin/csf/images/admin_icon.svg'
'ConfigServer' -> '/usr/local/csf/lib/Sentinel'
'ConfigServer/Messenger.pm' -> '/usr/local/csf/lib/Sentinel/Messenger.pm'
'ConfigServer/RBLLookup.pm' -> '/usr/local/csf/lib/Sentinel/RBLLookup.pm'
'ConfigServer/RBLCheck.pm' -> '/usr/local/csf/lib/Sentinel/RBLCheck.pm'
'ConfigServer/AbuseIP.pm' -> '/usr/local/csf/lib/Sentinel/AbuseIP.pm'
'ConfigServer/Logger.pm' -> '/usr/local/csf/lib/Sentinel/Logger.pm'
'ConfigServer/Config.pm' -> '/usr/local/csf/lib/Sentinel/Config.pm'
'ConfigServer/ServerCheck.pm' -> '/usr/local/csf/lib/Sentinel/ServerCheck.pm'
'ConfigServer/Slurp.pm' -> '/usr/local/csf/lib/Sentinel/Slurp.pm'
'ConfigServer/GetIPs.pm' -> '/usr/local/csf/lib/Sentinel/GetIPs.pm'
'ConfigServer/GetEthDev.pm' -> '/usr/local/csf/lib/Sentinel/GetEthDev.pm'
'ConfigServer/CheckIP.pm' -> '/usr/local/csf/lib/Sentinel/CheckIP.pm'
'ConfigServer/URLGet.pm' -> '/usr/local/csf/lib/Sentinel/URLGet.pm'
'ConfigServer/Ports.pm' -> '/usr/local/csf/lib/Sentinel/Ports.pm'
'ConfigServer/cseUI.pm' -> '/usr/local/csf/lib/Sentinel/cseUI.pm'
'ConfigServer/RegexMain.pm' -> '/usr/local/csf/lib/Sentinel/RegexMain.pm'
'ConfigServer/Sendmail.pm' -> '/usr/local/csf/lib/Sentinel/Sendmail.pm'
'ConfigServer/Sanity.pm' -> '/usr/local/csf/lib/Sentinel/Sanity.pm'
'ConfigServer/DisplayResellerUI.pm' -> '/usr/local/csf/lib/Sentinel/DisplayResellerUI.pm'
'ConfigServer/DisplayUI.pm' -> '/usr/local/csf/lib/Sentinel/DisplayUI.pm'
'ConfigServer/ServerStats.pm' -> '/usr/local/csf/lib/Sentinel/ServerStats.pm'
'ConfigServer/KillSSH.pm' -> '/usr/local/csf/lib/Sentinel/KillSSH.pm'
'ConfigServer/LookUpIP.pm' -> '/usr/local/csf/lib/Sentinel/LookUpIP.pm'
'ConfigServer/CloudFlare.pm' -> '/usr/local/csf/lib/Sentinel/CloudFlare.pm'
'ConfigServer/Service.pm' -> '/usr/local/csf/lib/Sentinel/Service.pm'
'Net/IP.pm' -> '/usr/local/csf/lib/Net/IP.pm'
'Net/CIDR/Lite.pm' -> '/usr/local/csf/lib/Net/CIDR/Lite.pm'
cp: cannot stat 'Geo': No such file or directory
'Crypt/CBC.pm' -> '/usr/local/csf/lib/Crypt/CBC.pm'
'Crypt/Blowfish_PP.pm' -> '/usr/local/csf/lib/Crypt/Blowfish_PP.pm'
'HTTP/Tiny.pm' -> '/usr/local/csf/lib/HTTP/Tiny.pm'
'JSON/Tiny.pm' -> '/usr/local/csf/lib/JSON/Tiny.pm'
'version/version/vpp.pm' -> '/usr/local/csf/lib/version/vpp.pm'
'version/version/regex.pm' -> '/usr/local/csf/lib/version/regex.pm'
'version/version.pm' -> '/usr/local/csf/lib/version.pm'
'csf.div' -> '/usr/local/csf/lib/csf.div'
'csfajaxtail.js' -> '/usr/local/csf/lib/csfajaxtail.js'
'ui/images/LICENSE.txt' -> '/etc/csf/ui/./images/LICENSE.txt'
'ui/images/jquery.min.js' -> '/etc/csf/ui/./images/jquery.min.js'
'ui/images/csf-loader.gif' -> '/etc/csf/ui/./images/csf-loader.gif'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.svg' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.eot' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'ui/images/bootstrap/css/bootstrap.min.css' -> '/etc/csf/ui/./images/bootstrap/css/bootstrap.min.css'
'ui/images/bootstrap/css/bootstrap.min.css.map' -> '/etc/csf/ui/./images/bootstrap/css/bootstrap.min.css.map'
'ui/images/bootstrap/js/bootstrap.min.js' -> '/etc/csf/ui/./images/bootstrap/js/bootstrap.min.js'
'ui/images/csf_small.png' -> '/etc/csf/ui/./images/csf_small.png'
'ui/images/chosen.min.css' -> '/etc/csf/ui/./images/chosen.min.css'
'ui/images/chosen-sprite@2x.png' -> '/etc/csf/ui/./images/chosen-sprite@2x.png'
'ui/images/reseller_icon.svg' -> '/etc/csf/ui/./images/reseller_icon.svg'
'ui/images/configserver.css' -> '/etc/csf/ui/./images/configserver.css'
'ui/images/loader.gif' -> '/etc/csf/ui/./images/loader.gif'
'ui/images/chosen.min.js' -> '/etc/csf/ui/./images/chosen.min.js'
'ui/images/bootstrap-chosen.css' -> '/etc/csf/ui/./images/bootstrap-chosen.css'
'ui/images/csf.svg' -> '/etc/csf/ui/./images/csf.svg'
'ui/images/chosen-sprite.png' -> '/etc/csf/ui/./images/chosen-sprite.png'
'ui/images/admin_icon.svg' -> '/etc/csf/ui/./images/admin_icon.svg'
'profiles/disable_alerts.conf' -> '/usr/local/csf/profiles/disable_alerts.conf'
'profiles/block_all_temp.conf' -> '/usr/local/csf/profiles/block_all_temp.conf'
'profiles/protection_low.conf' -> '/usr/local/csf/profiles/protection_low.conf'
'profiles/block_all_perm.conf' -> '/usr/local/csf/profiles/block_all_perm.conf'
'profiles/protection_medium.conf' -> '/usr/local/csf/profiles/protection_medium.conf'
'profiles/protection_high.conf' -> '/usr/local/csf/profiles/protection_high.conf'
'csf.conf' -> '/usr/local/csf/profiles/reset_to_defaults.conf'
'lfd.logrotate' -> '/etc/logrotate.d/lfd'
chcon: failed to get security context of '/etc/logrotate.d': No data available
'csf.1.txt' -> '/usr/local/man/man1/csf.1'
'csf.help' -> '/usr/local/csf/lib/csf.help'
mode of '/usr/local/csf/bin/csftest.pl' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/pt_deleted_action.pl' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/remove_apf_bfd.sh' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/uninstall.sh' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/regex.custom.pm' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/etc/csf/csf.pl' retained as 0700 (rwx------)
mode of '/etc/csf/csftest.pl' retained as 0700 (rwx------)
mode of '/etc/csf/lfd.pl' retained as 0700 (rwx------)
mode of '/etc/csf/pt_deleted_action.pl' retained as 0700 (rwx------)
chmod: cannot access '/etc/csf/*.cgi': No such file or directory
failed to change mode of '/etc/csf/*.cgi' from 0700 (rwx------) to 0700 (rwx------)
mode of '/etc/csf/remove_apf_bfd.sh' retained as 0700 (rwx------)
mode of '/etc/csf/uninstall.sh' retained as 0700 (rwx------)
chmod: cannot access '/etc/csf/*.php': No such file or directory
failed to change mode of '/etc/csf/*.php' from 0700 (rwx------) to 0700 (rwx------)
chmod: cannot access '/etc/csf/*.py': No such file or directory
failed to change mode of '/etc/csf/*.py' from 0700 (rwx------) to 0700 (rwx------)
mode of '/etc/csf/webmin/csf/index.cgi' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/etc/cron.d/lfd-cron' retained as 0644 (rw-r--r--)
mode of '/etc/cron.d/csf-cron' retained as 0644 (rw-r--r--)
'csget.pl' -> '/etc/cron.daily/csget'
mode of 'auto.generic.pl' changed from 0664 (rw-rw-r--) to 0700 (rwx------)
'/etc/csf/csf.conf' -> '/var/lib/csf/backup/1761656012_pre_v15_11_upgrade'
Adding current SSH session IP address to the csf whitelist in csf.allow:
Adding 162.19.56.193 to csf.allow and iptables ACCEPT...
csf: IPSET adding [162.19.56.193] to set [chain_ALLOW]
'lfd.service' -> '/usr/lib/systemd/system/lfd.service'
'csf.service' -> '/usr/lib/systemd/system/csf.service'
Unit /etc/systemd/system/firewalld.service is masked, ignoring.
'/etc/csf/csfwebmin.tgz' -> '/usr/local/csf/csfwebmin.tgz'
Installation Completed
[*] Asegurando TESTING="0"…
[*] Habilitando y arrancando servicios csf/lfd…
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `ALLOWDYNIN'
Flushing chain `ALLOWDYNOUT'
Flushing chain `ALLOWIN'
Flushing chain `ALLOWOUT'
Flushing chain `CC_DENY'
Flushing chain `DENYIN'
Flushing chain `DENYOUT'
Flushing chain `INVALID'
Flushing chain `INVDROP'
Flushing chain `LOCALINPUT'
Flushing chain `LOCALOUTPUT'
Flushing chain `LOGDROPIN'
Flushing chain `LOGDROPOUT'
Deleting chain `ALLOWDYNIN'
Deleting chain `ALLOWDYNOUT'
Deleting chain `ALLOWIN'
Deleting chain `ALLOWOUT'
Deleting chain `CC_DENY'
Deleting chain `DENYIN'
Deleting chain `DENYOUT'
Deleting chain `INVALID'
Deleting chain `INVDROP'
Deleting chain `LOCALINPUT'
Deleting chain `LOCALOUTPUT'
Deleting chain `LOGDROPIN'
Deleting chain `LOGDROPOUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
csf: FASTSTART loading DROP no logging (IPv4)
LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP_IN Blocked* "
LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP_OUT Blocked* "
LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP_IN Blocked* "
LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP_OUT Blocked* "
LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP_IN Blocked* "
LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP_OUT Blocked* "
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
REJECT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 reject-with icmp-port-unreachable
DENYOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
DENYIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ALLOWOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
ALLOWIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
csf: FASTSTART loading Packet Filter (IPv4)
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
INVALID tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
INVALID tcp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
csf: IPSET creating set chain_DENY
csf: FASTSTART loading csf.deny (IPv4)
csf: FASTSTART loading csf.deny (IPSET)
csf: IPSET creating set chain_ALLOWDYN
ACCEPT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set chain_ALLOWDYN src
ACCEPT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set chain_ALLOWDYN dst
csf: IPSET adding [162.19.56.193] to set [chain_ALLOWDYN]
csf: IPSET adding [54.36.45.193] to set [chain_ALLOWDYN]
csf: IPSET adding [213.32.104.159] to set [chain_ALLOWDYN]
csf: IPSET adding [91.134.3.52] to set [chain_ALLOWDYN]
csf: IPSET adding [212.170.102.150] to set [chain_ALLOWDYN]
csf: IPSET adding [54.36.201.38] to set [chain_ALLOWDYN]
csf: IPSET adding [213.32.104.198] to set [chain_ALLOWDYN]
ALLOWDYNIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ALLOWDYNOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
csf: IPSET creating set chain_ALLOW
csf: FASTSTART loading csf.allow (IPv4)
csf: FASTSTART loading csf.allow (IPSET)
csf: IPSET creating set cc_cn
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set cc_cn src
csf: IPSET loading set cc_cn with 5485 entries
csf: IPSET creating set cc_tk
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set cc_tk src
csf: IPSET loading set cc_tk with 3 entries
csf: IPSET creating set cc_in
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set cc_in src
csf: IPSET loading set cc_in with 6956 entries
csf: IPSET creating set cc_rs
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set cc_rs src
csf: IPSET loading set cc_rs with 380 entries
csf: IPSET creating set cc_ug
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set cc_ug src
csf: IPSET loading set cc_ug with 95 entries
csf: IPSET creating set cc_ph
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 match-set cc_ph src
csf: IPSET loading set cc_ph with 789 entries
CC_DENY all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmptype 8 limit: avg 1/sec burst 5
LOGDROPIN icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 icmptype 8
ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
csf: FASTSTART loading TCP_IN (IPv4)
csf: FASTSTART loading TCP_OUT (IPv4)
csf: FASTSTART loading UDP_IN (IPv4)
csf: FASTSTART loading UDP_OUT (IPv4)
ACCEPT all opt -- in lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in * out lo 0.0.0.0/0 -> 0.0.0.0/0
LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
LOGDROPIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
csf: FASTSTART loading DNS (IPv4)
LOCALOUTPUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
LOCALINPUT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
● lfd.service - Sentinel Firewall & Security - lfd
Loaded: loaded (/lib/systemd/system/lfd.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2025-10-28 13:53:37 CET; 5ms ago
Process: 877397 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
Main PID: 877407 (lfd - starting)
Tasks: 1 (limit: 154070)
Memory: 24.5M
CPU: 211ms
CGroup: /system.slice/lfd.service
└─877407 "lfd - starting"
*WARNING* PT_LOAD_LEVEL sanity check. PT_LOAD_LEVEL = 600. Recommended range: 2-20 (Default: 6)
*WARNING* RESTRICT_SYSLOG is disabled. See SECURITY WARNING in /etc/csf/csf.conf.
== RESUMEN ==
Version segun /etc/csf/version.txt: 15.11
csf -v: csf: v15.11 (generic)
● csf.service - Sentinel Firewall & Security - csf
Loaded: loaded (/lib/systemd/system/csf.service; enabled; vendor preset: enabled)
Active: active (exited) since Tue 2025-08-19 08:11:02 CEST; 2 months 9 days ago
Main PID: 140 (code=exited, status=0/SUCCESS)
CPU: 374ms
● lfd.service - Sentinel Firewall & Security - lfd
Loaded: loaded (/lib/systemd/system/lfd.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2025-10-28 13:53:37 CET; 343ms ago
Process: 877397 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
Main PID: 877407 (lfd - sleeping)
Tasks: 9 (limit: 154070)
Memory: 37.9M
CPU: 664ms
CGroup: /system.slice/lfd.service
├─877407 "lfd - sleeping"
├─877417 "lfd - resolving dyndns IP addresses"
├─877418 "lfd - retrieving countrycodelookups lists (waiting for list lock)"
├─877419 "lfd - retrieving countrycode lists (waiting for list lock)"
├─877420 "lfd - checking system integrity"
├─877423 /usr/bin/md5sum --check /var/lib/csf/csf.tempint
└─877472 /usr/bin/host -W 5 pbs01.6am.es
Reglas activas (csf -l):
iptables filter table
=====================
Chain INPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT tcp -- !lo * 8.8.4.4 0.0.0.0/0 tcp dpt:53
2 0 0 ACCEPT udp -- !lo * 8.8.4.4 0.0.0.0/0 udp dpt:53
3 0 0 ACCEPT tcp -- !lo * 8.8.4.4 0.0.0.0/0 tcp spt:53
4 0 0 ACCEPT udp -- !lo * 8.8.4.4 0.0.0.0/0 udp spt:53
5 0 0 ACCEPT tcp -- !lo * 8.8.8.8 0.0.0.0/0 tcp dpt:53
6 0 0 ACCEPT udp -- !lo * 8.8.8.8 0.0.0.0/0 udp dpt:53
7 0 0 ACCEPT tcp -- !lo * 8.8.8.8 0.0.0.0/0 tcp spt:53
8 0 0 ACCEPT udp -- !lo * 8.8.8.8 0.0.0.0/0 udp spt:53
9 0 0 ACCEPT tcp -- !lo * 213.186.33.99 0.0.0.0/0 tcp dpt:53
10 0 0 ACCEPT udp -- !lo * 213.186.33.99 0.0.0.0/0 udp dpt:53
11 0 0 ACCEPT tcp -- !lo * 213.186.33.99 0.0.0.0/0 tcp spt:53
12 27 2526 ACCEPT udp -- !lo * 213.186.33.99 0.0.0.0/0 udp spt:53
13 65 19423 LOCALINPUT all -- !lo * 0.0.0.0/0 0.0.0.0/0
14 1 576 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
15 219 33039 INVALID tcp -- !lo * 0.0.0.0/0 0.0.0.0/0
16 5 160 ACCEPT icmp -- !lo * 0.0.0.0/0 0.0.0.0/0 icmptype 8 limit: avg 1/sec burst 5
17 3 96 LOGDROPIN icmp -- !lo * 0.0.0.0/0 0.0.0.0/0 icmptype 8
18 0 0 ACCEPT icmp -- !lo * 0.0.0.0/0 0.0.0.0/0
19 41 17058 ACCEPT all -- !lo * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
20 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
21 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
22 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
23 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
24 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
25 2 84 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:49152:65534
26 0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:20
27 0 0 ACCEPT udp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:21
28 0 0 LOGDROPIN all -- !lo * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 8.8.4.4 tcp dpt:53
2 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 8.8.4.4 udp dpt:53
3 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 8.8.4.4 tcp spt:53
4 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 8.8.4.4 udp spt:53
5 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 8.8.8.8 tcp dpt:53
6 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 8.8.8.8 udp dpt:53
7 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 8.8.8.8 tcp spt:53
8 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 8.8.8.8 udp spt:53
9 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 213.186.33.99 tcp dpt:53
10 27 1601 ACCEPT udp -- * !lo 0.0.0.0/0 213.186.33.99 udp dpt:53
11 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 213.186.33.99 tcp spt:53
12 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 213.186.33.99 udp spt:53
13 67 8926 LOCALOUTPUT all -- * !lo 0.0.0.0/0 0.0.0.0/0
14 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
15 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 udp dpt:53
16 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp spt:53
17 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 udp spt:53
18 1 576 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
19 221 272K INVALID tcp -- * !lo 0.0.0.0/0 0.0.0.0/0
20 5 160 ACCEPT icmp -- * !lo 0.0.0.0/0 0.0.0.0/0
21 44 4887 ACCEPT all -- * !lo 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
22 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:20
23 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
24 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
25 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25
26 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
27 3 180 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
28 2 120 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:587
29 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
30 0 0 ACCEPT udp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123
31 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 0.0.0.0/0
Chain ALLOWDYNIN (1 references)
num pkts bytes target prot opt in out source destination
1 7 456 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOWDYN src
Chain ALLOWDYNOUT (1 references)
num pkts bytes target prot opt in out source destination
1 8 1992 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOWDYN dst
Chain ALLOWIN (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW src
Chain ALLOWOUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW dst
Chain CC_DENY (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set cc_ph src
2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set cc_ug src
3 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set cc_rs src
4 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set cc_in src
5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set cc_tk src
6 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set cc_cn src
Chain DENYIN (1 references)
num pkts bytes target prot opt in out source destination
1 3 266 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY src
Chain DENYOUT (1 references)
num pkts bytes target prot opt in out source destination
1 1 673 LOGDROPOUT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY dst
Chain INVALID (2 references)
num pkts bytes target prot opt in out source destination
1 1 60 INVDROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
2 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
3 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
4 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
5 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
6 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
7 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
8 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
9 0 0 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
10 7 2560 INVDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
Chain INVDROP (10 references)
num pkts bytes target prot opt in out source destination
1 8 2620 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LOCALINPUT (1 references)
num pkts bytes target prot opt in out source destination
1 65 19423 ALLOWDYNIN all -- !lo * 0.0.0.0/0 0.0.0.0/0
2 44 17530 ALLOWIN all -- !lo * 0.0.0.0/0 0.0.0.0/0
3 44 17530 DENYIN all -- !lo * 0.0.0.0/0 0.0.0.0/0
4 41 17264 CC_DENY all -- !lo * 0.0.0.0/0 0.0.0.0/0
Chain LOCALOUTPUT (1 references)
num pkts bytes target prot opt in out source destination
1 67 8926 ALLOWDYNOUT all -- * !lo 0.0.0.0/0 0.0.0.0/0
2 45 4684 ALLOWOUT all -- * !lo 0.0.0.0/0 0.0.0.0/0
3 45 4684 DENYOUT all -- * !lo 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPIN (2 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23
2 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:23
3 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
4 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
5 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
6 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
7 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
8 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111
9 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
10 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:113
11 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
12 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
13 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
14 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445
15 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:500
16 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500
17 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
18 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:513
19 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
20 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
21 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP_IN Blocked* "
22 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP_IN Blocked* "
23 3 96 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP_IN Blocked* "
24 3 96 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain LOGDROPOUT (2 references)
num pkts bytes target prot opt in out source destination
1 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP_OUT Blocked* "
2 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP_OUT Blocked* "
3 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP_OUT Blocked* "
4 1 673 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
iptables mangle table
=====================
Chain PREROUTING (policy ACCEPT 1905M packets, 6996G bytes)
num pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 1900M packets, 6996G bytes)
num pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1749M packets, 1300G bytes)
num pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1749M packets, 1300G bytes)
num pkts bytes target prot opt in out source destination
iptables raw table
==================
Chain PREROUTING (policy ACCEPT 1905M packets, 6996G bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1749M packets, 1300G bytes)
num pkts bytes target prot opt in out source destination
iptables nat table
==================
Chain PREROUTING (policy ACCEPT 62M packets, 2898M bytes)
num pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 21M packets, 1110M bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 27M packets, 1685M bytes)
num pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 27M packets, 1592M bytes)
num pkts bytes target prot opt in out source destination
Config en: /etc/csf/csf.conf
Backup en: /var/backups/csf-2025-10-28-135305
Log de esta ejecución: /var/log/sentinel_migration_2025-10-28-135305.log
== Migración finalizada ==