csf -r return code is 0 if CSF is disabled
This causes issues with config management and scripting.
Trying to remotely reload csf after a config change, but if CSF is disabled, csf -r still returns 0.
Thank you.
Search found 14 matches
- 09 Mar 2018, 14:58
- Forum: Suggestions (csf)
- Topic: csf -r return code 0 if CSF is disable
- Replies: 1
- Views: 4001
- 15 Feb 2013, 17:30
- Forum: General Discussion (csf)
- Topic: CC_ALLOW_FILTER on specific port
- Replies: 3
- Views: 5942
Re: CC_ALLOW_FILTER on specific port
Still having trouble with the CC_ALLOW_FILTER option. It seems like filtering by port doesn't work correctly if you do it out of both the INPUT and OUTPUT chains. csf adds a reference to CC_ALLOWP in LOCALINPUT, and then CC_ALLOWP holds rules that point to CC_ALLOWPLIST, which holds port filtering rules depending on the C...
- 11 Feb 2013, 20:14
- Forum: General Discussion (csf)
- Topic: Can someone break this down?
- Replies: 3
- Views: 5300
Re: Can someone break this down?
To me it looks like a port scan on your server. DPT means destination port 5446.
temp ban is expected for this.
Feb 11 08:44:23 host kernel: Firewall: *UDP_IN Blocked* IN=venet0 OUT= MAC= SRC=175.180.104.218 DST=207.7.86.103 LEN=58 TOS=0x00 PREC=0x00 TTL=111 ID=5076 PROTO=UDP SPT=39329 DPT=5446 LEN=38
- 11 Feb 2013, 20:01
- Forum: General Discussion (csf)
- Topic: CC_ALLOW_FILTER on specific port
- Replies: 3
- Views: 5942
Re: CC_ALLOW_FILTER on specific port
So... more updates... The solution I found to do this well is to use ipset and xtables-addons; both can be found on netfilter.org and have some very interesting features. I'm not used to Perl or I would code a patch myself. http://netfilter.org/projects/ipset/index.html http://netfilter.org/projects/xtab...
- 08 Feb 2013, 20:30
- Forum: General Discussion (csf)
- Topic: CC_ALLOW_FILTER on specific port
- Replies: 3
- Views: 5942
Re: CC_ALLOW_FILTER on specific port
This was added in the last release, 5.74, and I'm grateful for this... thanks a lot. But the way CSF manages iptables rules makes it very, very unstable. Need to build an optimized rules tree based on the netmask blocked (/8, /16, /20, /22, /24, /26, etc.) and think about managing from iptables-save and iptables-re...
- 31 Jan 2013, 20:55
- Forum: General Discussion (csf)
- Topic: CC_ALLOW_FILTER on specific port
- Replies: 3
- Views: 5942
CC_ALLOW_FILTER on specific port
Hi,
I just have a question: is it possible to use CC_ALLOW_FILTER on a specific port, like allowing destination port 20/21 only to CA/US,
so all other countries can still access web pages etc... but stop attacking FTP access.
Thanks.
- 06 Dec 2011, 22:00
- Forum: Report Bugs (csf)
- Topic: regex.custom.pm specifc user trap
- Replies: 1
- Views: 4134
Re: regex.custom.pm specifc user trap
I think I found the answer myself, but I'm not sure yet...
In the lfd.conf:
elsif ($app eq "pop3d") {$trigger = "LF_POP3D"}
So if your app name matches a known app in lfd.pl, it will reset the trigger value with the config file trigger value.
- 05 Dec 2011, 19:59
- Forum: Report Bugs (csf)
- Topic: regex.custom.pm specifc user trap
- Replies: 1
- Views: 4134
regex.custom.pm specifc user trap
Hi, I made a regex to trap custom failures under dovecot based on a specific user that will never exist on my servers: if (( $lgfile eq $config{CUSTOM3_LOG}) and ($line =~ /^\S+\s+\d+\s+\d+\:\d+\:\d+\s+[^\s\.]+\s+dovecot\:\s+pop3\-login\:\s+Disconnected\s+\((auth\s+failed)\,\s+\d+\s+attempts\)\: user\=\<(?...
- 27 Sep 2011, 16:15
- Forum: Suggestions (csf)
- Topic: iptables-save and iptables-restore for performance
- Replies: 1
- Views: 3341
iptables-save and iptables-restore for performance
Hi, another suggestion... the use of iptables-save and iptables-restore for large rule sets in iptables... iptables-save dumps all rule sets into a file that iptables uses as-is. iptables-restore can only take the dump file and map it back into memory for iptables in one step, which is really good, for exam...
- 07 Sep 2011, 17:59
- Forum: Suggestions (csf)
- Topic: Illegal FROM by Auth
- Replies: 1
- Views: 3321
Illegal FROM by Auth
Hi, here is another suggestion... It will be easier for me to explain it like this: #exim if (($lgfile eq $config{SMTPAUTH_LOG}) and ($line =~ /.*\[(\d+\.\d+\.\d+\.\d+)\].*A\=login\:(?:[a-zA-Z0-9\-\_\.]+\@([a-zA-Z0-9\-\_\.]+)).*\<(?:[a-zA-Z0-9\-\.]+\@(?(?!\2)([a-zA-Z0-9\-\_\.]+)))>.*/)) { return ("Ille...