Search found 21 matches

Go to advanced search

by robm
07 Jan 2011, 02:06
Forum: Report Bugs (csf)
Topic: deny_ip_limit does not remove IPs from iptables?
Replies: 1
Views: 3932

deny_ip_limit does not remove IPs from iptables?

When the deny_ip_limit limit is exceeded, and an additional "csf -d" command is run, the IPs are removed from csf.deny, but they still seem to be active in iptables. Is this the expected behavior? I would have thought they would be removed from iptables with csf -dr automatically so csf.de...
by robm
22 Jun 2009, 18:03
Forum: Report Bugs (csf)
Topic: lfd not sending emails in upgraded versions > 4.60
Replies: 4
Views: 9228

ForumAdmin wrote:We will issue a fix for this in v4.72 in the next few minutes.
Thank you for the quick fix, works great!

Rob
by robm
22 Jun 2009, 00:42
Forum: Suggestions (csf)
Topic: proftpd "UseReverseDNS on" support
Replies: 1
Views: 4395

proftpd "UseReverseDNS on" support

Please consider adjusting the proftpd regex to account for the proftpd.conf option: UseReverseDNS on which will use domain names in the log, i.e.: Jun 21 19:40:47 slate proftpd[4586]: slate.XXX.net (XYZ.XXX.net[1.2.3.4]) - USER dsfsdfsd: no such user found from XYZ.XXX.net [1.2.3.4] to 5.6.7.8:21 Th...
by robm
21 Jun 2009, 23:12
Forum: Report Bugs (csf)
Topic: lfd not sending emails in upgraded versions > 4.60
Replies: 4
Views: 9228

ok, I found that if we had previously edited the *.txt email templates to change the headers to: --- From: servername <root@servername> To: my@email.addres s --- then on later versions csf will not send emails. Changing these back to: --- From: root To: root --- seemed to "fix" it. Seems a...
by robm
21 Jun 2009, 22:45
Forum: Report Bugs (csf)
Topic: lfd not sending emails in upgraded versions > 4.60
Replies: 4
Views: 9228

lfd not sending emails in upgraded versions > 4.60

On the servers we have upgraded to versions greater than 4.60, lfd has stopped sending email alerts (including latest version). Servers with versions less than 4.61 continue to send email alerts. All servers are RHEL5/cetnOS5 32 bit servers. csf.conf settings all appear correct. As another test, we ...
by robm
17 Apr 2009, 01:30
Forum: Suggestions (csf)
Topic: Permanently Block IP or CIDR
Replies: 12
Views: 25892

chirpy wrote:It was added ages ago:
http://configserver.com/blog/index.php?itemid=370
Doh! Completely missed that. Thanks for pointing it out. :)

Rob
by robm
08 Apr 2009, 14:34
Forum: Suggestions (csf)
Topic: Permanently Block IP or CIDR
Replies: 12
Views: 25892

Was this feature ever added? Not sure if the csf.gdeny file is the solution? Thanks.

Rob
by robm
17 Nov 2008, 18:12
Forum: Suggestions (csf)
Topic: Add dovecot to the stock-default LFD process ignore list
Replies: 2
Views: 6872

May want to consider:
/usr/local/libexec/dovecot/imap
/usr/local/libexec/dovecot/pop3
/usr/local/libexec/dovecot/imap-login
/usr/local/libexec/dovecot/pop3-login
/usr/local/libexec/dovecot/dovecot-auth
/usr/local/sbin/dovecot

Which are the paths for a source install of dovecot.

Rob
by robm
07 Aug 2008, 17:19
Forum: Suggestions (csf)
Topic: permanent deny list?
Replies: 4
Views: 9107

Not exactly. I understand that setting, and use it as well. But we have a list of permanent deny rules we need loaded and never deleted even when the limit is reached. I guess the global deny is the solution, but I'm just confirming that is true, that a global deny list will never be removed even if...
by robm
07 Aug 2008, 15:57
Forum: Suggestions (csf)
Topic: permanent deny list?
Replies: 4
Views: 9107

permanent deny list?

Currently, after XXX entries in the deny file, csf automatically starts removing the oldest entries. Is there a way to have a list of permanent deny entries that never get auto removed? Is this the global deny list, or would this be a new feature?

Rob

Go to advanced search