Iptables rule limit (numiptent) is too low

If installing csf on a VPS and add too many entries to one of the allow or deny files (/etc/csf/csf.allow or csf.deny) You may come across with a “numiptent” error message while trying to restarting iptables on a VPS. The error looks somewhat like:

The VPS iptables rule limit (numiptent) is too low (491/500) – stopping firewall to prevent iptables blocking all connections, at line xxx

In this case, you need to increase the “NUMIPTENT” value in the VPS configuration file which is located at /etc/sysconfig/vz-scripts/ directory. There is a restriction on the total number of IP packet filtering entries in the system and when the allotted limit is lower than the number of iptable rules set on your VPS, you will receive the above error message. You need to increase the “numiptent” value and restart the VPS.


I am a g33k, Linux blogger, developer, student and Tech Writer for Liquidweb.com/kb. My passion for all things tech drives my hunt for all the coolz. I often need a vacation after I get back from vacation....

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.