This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
This is not a bug, but it appears as though Fedora 11 has brought even more IPTables changes. I'm now seeing output like this when restarting CSF:
Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
ACCEPT udp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0 udp spt:53
Using intrapositioned negation (`--option ! this`) is deprecated in...
Editing modsec2.user.conf in Firefox via CSF and the footer containing the Submit Button, copyright and version number is missing. Appears fine for other functions.
Recently, my provider installed CSF on one of my linux-based WHM/cPanel VPS. This was done primarily to help track down heavy loads occurring on the server (I own the VPS but resell them to clients). I wanted to ensure that my VPS client received the heavy load alert messages in addition to myself.
I went into the CSF configuration in WHM and used the Edit Template on the loadalert.txt template....
v4.67
re; LF_SSH_EMAIL_ALERT, LF_SU_EMAIL_ALERT enabled
modified sshalert.txt and sualert.txt for 2 email addresses, comma delimited
1. i dont get the SSH alert no matter what - with or without change:eek:
2. on the sudo, i get 2 emails, and the 2nd is malformed
csf.pl
line 1829 open (IN,
CentOS Linux 5.2 Postfix version 2.3.3 Perl 5.8.8
hope this helps.
any Q? just...
Hello,
On one CentOS 5.3 64-bit, the proftpd log lines have IP prefixed with ::ffff: , this seems to cause non detection of incorrect ftp login
(/etc/csf/regex.pm ?) :
/var/log/secure (lfd detection does NOT work)
May 7 10:49:04 vmcentos64 proftpd : vmcentos64.example.com (::ffff:192.168.0.2 ) - USER xxx: no such user found from ::ffff:192.168.0.2 to ::ffff:192.168.0.100:21
May 7 10:49:06...
Last night I found this in the exim_mainlog, but, CSF never blocked it?
IP address 195.3.136.124
Hostname ns5.a1isp.co.uk
ISP Internet On Demand Ltd
Country United Kingdom
2009-04-24 00:46:47 fixed_login authenticator failed for (localhost) : 535 Incorrect authentication data (set_id=test)
2009-04-24 00:46:48 fixed_login authenticator failed for (localhost) : 535 Incorrect authentication data...
WARNING Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > Mailserver Configuration > SSL Cipher List > Remove +SSLv2 or Add -SSLv2
Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > Apache Configuration > Global Configuration > SSLCipherSuite > Add -SSLv2 to SSLCipherSuite and/or remove +SSLv2. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
when logged into the server with Firefox, I can try logging into someones Cpanel via firefox endlessly, no lockout. I do receive email notices that my ip is locked out but checking /etc/csf/csf.deny, my ip is not listed and I can still access the server.
Trying a different way, I add my IP manually to the deny list and I still can access the server with Firefox. Only when using then a different...
I new in csf, please this info, I have setup the for try PORTFLOOD setting:
80;tcp;500;5 now I see in ipt_recent many log, whit ip, among which different ip of google, now if I have understans block if the ip make 500 connection in 5 second, I have made the test to put 500 5 for try,
as it is possible that an ip makes 500 connections in 5 seconds, and I always have the log...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum