CIDR Blocks Deny not working

[jcinfargo]

Hello -

I am getting a lot of alerts of individual IPs that are being blocked even though I have a CIDR block setup to deny the block that would included the IP that is being blocked. I love Configserver and like that it is mostly working, but all the individual blocks are making me increase my Deny limit. This has been happening for several months now and I am running the latest version. Any assistance on this would be great.

Thank you.

[skate323k137]

I've never seen an issue with this. Iptables rules should not be allowing those IPs to reach your server at all if csf.deny is properly formatted. Are you putting #"do not delete" next to the cidr blocks so that they are not rotated out when the deny limit is reached?

[Solid_State]

I'm having the same issue with CIDR ranges in csf.deny.
I thought I must have been doing something wrong.

From what I can see, /24 works, but /23 does not?

For example: in /etc/csf/csf.deny;

# This works perfectly;
81.92.113.0/24 # do not delete
81.92.114.0/24 # do not delete

# This doesn't block IPs from 81.92.114.xxx;
81.92.113.0/23 # do not delete

That said, I don't have too many addresses / ranges to block.
I'm extremely impressed with the product.
Don't know how I ever got along without it (installed CSF about six months ago).

[ForumAdmin]

A CIDR block of 81.92.113.0/23 will block the IP range 81.92.112.0 - 81.92.113.255

You need to use a CIDR tool to accurately calculate your CIDRs, e.g.:
http://www.ipaddressguide.com/cidr

[Solid_State]

Hi There,

"I thought I must have been doing something wrong".

... and I was. I'm an idiot :-)

I'll be more careful in future.
Thanks for the link.