Search found 5 matches
- 08 Mar 2013, 14:33
- Forum: Suggestions (csf)
- Topic: LFD Stalling During DNS Lookups
- Replies: 1
- Views: 3257
LFD Stalling During DNS Lookups
Hello, I'm using generic CSF 6.0 on Gentoo. I have a couple of custom regexes that scan the Apache access_log and modsec_audit log. The regexes work correctly. When these rules match there is a flood of errors from a single IP, tens of accesses per second. Looking at strace, LFD seems to be trying to reso...
- 07 Mar 2013, 23:52
- Forum: General Discussion (csf)
- Topic: DNS DoS attacks
- Replies: 7
- Views: 15309
Re: DNS DoS attacks
You need kernel config NETFILTER_XT_MATCH_RECENT and NETFILTER_XT_MATCH_STRING
"recent" match support
"string" match support
- 07 Mar 2013, 14:48
- Forum: General Discussion (csf)
- Topic: DNS DoS attacks
- Replies: 7
- Views: 15309
Re: DNS DoS attacks
This is a DNS Reflective Amplification Attack. This rule limits ANY queries to 10 in 600 seconds.
iptables -I INPUT -p udp --dport 53 -m string --from 47 --algo bm --hex-string '|0000FF0001|' -m recent --set --name dnsanyquery
iptables -I INPUT -p udp --dport 53 -m string --from 47 --algo bm --hex-s...
- 13 Feb 2013, 09:35
- Forum: Suggestions (csf)
- Topic: Suggestion: Run a custom script after ban and unban
- Replies: 3
- Views: 6293
Suggestion: Run a custom script after ban and unban
Hello, I'm using CSF generic on Gentoo. I have a feature suggestion: run a script whenever an IP is banned or unbanned. It would run on any kind of ban/unban: auto or manual and perm or temp. It would pass arguments similar to BLOCK_REPORT's to the custom script. Currently I am using BLOCK_REPORT to r...
- 20 Aug 2012, 21:03
- Forum: Suggestions (csf)
- Topic: Patch for Tunneled IPv6
- Replies: 1
- Views: 5399
Patch for Tunneled IPv6
Hi, I use CSF Firewall on multiple generic boxes/networks (without cPanel) and I think it's great! It saves so much time and hassle. I even use it on the router for my home LAN. Many thanks to the devs. Unfortunately some of the networks I'm on do not yet have native IPv6, so instead I use a tunnel...