Dec 252009

If installing csf on a VPS and add too many entries to one of the allow or deny files (/etc/csf/csf.allow or csf.deny) You may come across with a “numiptent” error message while trying to restarting iptables on a VPS. The error looks somewhat like:

The VPS iptables rule limit (numiptent) is too low (491/500) – stopping firewall to prevent iptables blocking all connections, at line xxx

In this case, you need to increase the “NUMIPTENT” value in the VPS configuration file which is located at /etc/sysconfig/vz-scripts/ directory. There is a restriction on the total number of IP packet filtering entries in the system and when the allotted limit is lower than the number of iptable rules set on your VPS, you will receive the above error message. You need to increase the “numiptent” value and restart the VPS.

 Posted by at 5:09 am