Search found 9 matches
- 30 Nov 2023, 14:45
- Forum: General Discussion (csf)
- Topic: How to troubleshoot throughput performance issues
- Replies: 0
- Views: 11931
How to troubleshoot throughput performance issues
I'm using csf 14.20 on an Ubuntu Jammy system behind a 1GB FIOS connection. With csf/lfd running, I get throughput of about 30M/s, which increases to about 800M/s with csf/lfd disabled. I'm using a fairly generic csf.conf (shown below) and have tried to improve performance by reducing DENY_IP_LIMIT ...
- 14 May 2020, 18:50
- Forum: General Discussion (csf)
- Topic: Open all ports for outbound UDP within LAN?
- Replies: 0
- Views: 2911
Open all ports for outbound UDP within LAN?
Is there a simple way to open all outbound UDP ports on a device only for destinations within the LAN? I know I could do it manually with iptables:
But is there a standard way to do this within CSF configuration?
Code: Select all
# iptables -I OUTPUT -p udp -d 192.168.0.0/24 -j ACCEPT- 17 Jun 2015, 18:43
- Forum: General Discussion (csf)
- Topic: csf fails after kernel upgrade; "couldn't load target LOGDROPIN"
- Replies: 2
- Views: 2783
Re: csf fails after kernel upgrade; "couldn't load target LOGDROPIN"
Turns out this was entirely unrelated -- the default SYSTEMCTL in csf.conf doesn't match Debian standard, so csf/lfd weren't starting at all. Fixing SYSTEMCTL fixed the entire problem.
- 17 Jun 2015, 18:28
- Forum: General Discussion (csf)
- Topic: csf fails after kernel upgrade; "couldn't load target LOGDROPIN"
- Replies: 2
- Views: 2783
Re: csf fails after kernel upgrade; "couldn't load target LOGDROPIN"
I should note the following as well: # /etc/csf/csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Test...
- 17 Jun 2015, 17:13
- Forum: General Discussion (csf)
- Topic: csf fails after kernel upgrade; "couldn't load target LOGDROPIN"
- Replies: 2
- Views: 2783
csf fails after kernel upgrade; "couldn't load target LOGDROPIN"
A VPS I admin recently needed to upgrade from a 2.4 series kernel to 3.12.27. It appears that csf/lfd are no longer working to do any iptables firewall filtering. When I try to add an address with csf -d, I get this error: # csf -d xxx.xxx.xxx.xxx Adding xxx.xxx.xxx.xxx to csf.deny and iptables DROP...
- 07 Dec 2007, 02:24
- Forum: Suggestions (csf)
- Topic: Dovecot + Additional Loggin
- Replies: 8
- Views: 16247
Not catching all dovecot attacks
I'm still getting a lot of dovecot attacks with the latest csf. I don't think it is recognizing all the various types of attacks. E.g. -- these are in dovecot's log file: dovecot: 2007-12-06 20:48:40 Info: pop3-login: Aborted login: rip=24.97.230.106, lip=72.1.169.236 dovecot: 2007-12-06 20:48:41 In...
- 22 Nov 2007, 15:37
- Forum: Suggestions (csf)
- Topic: Dovecot + Additional Loggin
- Replies: 8
- Views: 16247
Maybe it is configured
Actually, on closer inspection, it looks like the source code *does* use whatever log file is specified for IMAP and POP daemon -- it is just the changelog entry that says /var/log/messages.
- 22 Nov 2007, 15:32
- Forum: Suggestions (csf)
- Topic: Dovecot + Additional Loggin
- Replies: 8
- Views: 16247
Wrong log file
It appears csf just checks /var/log/messages for dovecot aborted IMAP/POP messages; however, my dovecot logs to /var/log/imap.log. I think with others it logs to /var/log/mail.log. Can the correct log file be configured?
- 19 Nov 2007, 14:52
- Forum: Suggestions (csf)
- Topic: Dovecot + Additional Loggin
- Replies: 8
- Views: 16247
Ditto
dovecot/IMAP attacks are the most common unchecked brute force attacks we get. I would greatly appreciate a csf rule to block them. Thanks!