CC_ALLOW_FILTER

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Locked
jcollard
Junior Member
Posts: 1
Joined: 14 Jan 2020, 20:04

CC_ALLOW_FILTER

Post by jcollard »

CC_ALLOW_FILTER not working as described.

# An alternative to CC_ALLOW is to only allow access from the following
# countries but still filter based on the port and packets rules. All other
# connections are dropped


OS: CentOS Linux release 7.7
CSF Version: csf: v14.00 (cPanel)

Settings in csf.conf

FASTSTART = "0"
LF_IPSET = "1"
CC_ALLOW_FILTER = "US"

Maxmind license activated as well

Traffic from other countries is was still logged accessing the server.




I was only able to block traffic from other countries by setting the following

TCP_IN = ""
UDP_IN = ""
CC_ALLOW_PORTS = "US"
CC_ALLOW_PORTS_TCP ="53,80,443"
CC_ALLOW_PORTS_UDP = "53"


According to CC_ALLOW_FILTER's description this shouldn't be necessary as it should be blocking all traffic from other countries than those configured.
Top
ForumAdmin
Moderator
Posts: 1524
Joined: 01 Oct 2008, 09:24

Re: CC_ALLOW_FILTER

Post by ForumAdmin »

Thank you for reporting this. We will have a fix for this in the next release of csf.
Top
ForumAdmin
Moderator
Posts: 1524
Joined: 01 Oct 2008, 09:24

Re: CC_ALLOW_FILTER

Post by ForumAdmin »

This should now be fixed in csf v14.01:
https://blog.configserver.com
Top
Locked

Return to “Report Bugs (csf)”