Search found 19 matches
- 30 Aug 2008, 00:44
- Forum: Suggestions (csf)
- Topic: Banned IP users get info page - its possible?
- Replies: 18
- Views: 23446
perhaps you could use more than one dns server , the 2nd, alternate dns address pair pointing to a different box with a special page for banned users. might want to make the alt, address dns entry with a very low TTL/refresh setting as so users dont cache the entry too long. I haven't tried this, It...
- 22 Jul 2008, 15:24
- Forum: Report Bugs (csf)
- Topic: cdir block denied still triggers temp ip blocking emails
- Replies: 2
- Views: 4513
- 21 Jul 2008, 20:58
- Forum: MailScanner
- Topic: How to allow email with png and mov attachements?
- Replies: 5
- Views: 7730
there could be any number of reasons why your images are being dropped/removed. you should try looking at the recieved emails and check for error messages or notices of removed content for starters. perhaps a mailserver configuration needs adjusting? or maybe your spam control or virus control syste...
- 20 Jul 2008, 17:25
- Forum: Report Bugs (csf)
- Topic: cdir block denied still triggers temp ip blocking emails
- Replies: 2
- Views: 4513
cdir block denied still triggers temp ip blocking emails
I have noticed that when a cdir address (eg.67.210.3.1/24) is blocked in the csf deny list, continued hammering by ips within that subnet still trigger the csf temp ban emails. (eg. 67.210.3.66, and 67.210.3.69 will trigger temp bans if hammering even after subnet is denied.) this could give an atta...
- 19 May 2008, 16:50
- Forum: Report Bugs (csf)
- Topic: csf ldf not blocking failed login triggers
- Replies: 2
- Views: 5191
- 19 May 2008, 14:16
- Forum: Report Bugs (csf)
- Topic: csf ldf not blocking failed login triggers
- Replies: 2
- Views: 5191
csf ldf not blocking failed login triggers
Since the update to csf v 3.30 csf does not block failed login attempts to any service. here is an example of one of the 87 emails I found this morning. Time: Mon May 19 03:09:16 2008 IP: user (Unknown) Failures: 6 (pop3d) Interval: 240 seconds Blocked: Yes Log entries: May 19 03:09:08 server pop3d:...
- 29 Apr 2008, 23:58
- Forum: Suggestions (csf)
- Topic: IP Blocklist Format
- Replies: 7
- Views: 11237
- 27 Apr 2008, 14:16
- Forum: Suggestions (csf)
- Topic: Remove Blocked IP Without Reloading iptables
- Replies: 3
- Views: 5991
- 25 Apr 2008, 21:38
- Forum: Suggestions (csf)
- Topic: Remove Blocked IP Without Reloading iptables
- Replies: 3
- Views: 5991
What about temp banning them instead, this feature is in there. 1000+ IPs? :p Way too many, IMO. I use the tempban option for other triggers. Max num of blocked ips is dynamicly changed depending on several other monitoring systems.(eg.durring a drddos attack). we have endured attacks consisting of...
- 23 Apr 2008, 18:12
- Forum: Suggestions (csf)
- Topic: Remove Blocked IP Without Reloading iptables
- Replies: 3
- Views: 5991
Remove Blocked IP Without Reloading iptables
Hey guys, I'm on dialup for alot of my time and use rather large deny lists(1000+ ips). when removeing a banned ip, it takes alongtime to upload the new deny list as well as display the full ruleset when flushing/restarting the firewall.(+20 seconds at times). just thought it would be most convenien...