As far as I know, csf.allow only handles firewall rules, not bruteforcing rules. If you wish to whitelist 123.45.0.0/24 from LFD (which handles the bruteforce login monitoring), I suggest you to add the IP address into csf.ignore.
Is there a way a bulk IP POP3 or imap will IP's will be allowed? I tried IP like this (for example only)
123.45.0.0/24 # csf.allow
then I saw some IP IN csf.deny
123.45.111.222 # lfd: (pop3d) Failed POP3 login from 123.45.111.222
can somebody explain to me why is this happening?
how can I make this work?
May I know if my bulk IP allow is correct declared?
I think you have to know what the 0/24 is for as you are not using accordingly.
0/24 means that only the last octet on the IP will go from 0-255, so the only IPs that 0/24 will handle are:
123.45.0.0/24
123.45.0.0 - 123.45.0.255
That being said, the IP 123.45.111.222 will never enter into the rule that you set.
I think you should set:
123.45.111.0/24
and that will take all the IPs from 123.45.111.0 to 123.45.111.255