csf keeps removing rules in csf.deny

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
dinot
Junior Member
Posts: 4
Joined: 12 Sep 2007, 09:18

csf keeps removing rules in csf.deny

Post by dinot »

I have rules like this in my csf.deny:

tcp:out:d=80::u=99

CSF keeps removing these rules after updates, it seems. As far as I know these rules are correct. The same example is mentioned in csf's readme file. Although there it also shows the format with 1 colon before 'u=uid'. I have tried that as well in the past, but that didn't help either.

tcp/udp:in/out:s/d=port:s/d=ip:u=uid

# TCP connections outbound to port 80 from UID 99

tcp:out:d=80::u=99

When I list my iptables rules it does show the uid rules I'm using:

LOGDROPOUT tcp -- anywhere anywhere tcp dpt:http OWNER UID match nobody

So everything seems to be working, apart from the fact that csf keeps removing these rules.
chirpy
Moderator
Posts: 3537
Joined: 09 Dec 2006, 18:13

Post by chirpy »

Do you have DENY_IP_LIMIT (value from csf.conf) block entries in csf.deny?
dinot
Junior Member
Posts: 4
Joined: 12 Sep 2007, 09:18

Post by dinot »

From csf.conf:

DENY_IP_LIMIT = "100"

So, if I understand correctly, this setting also removes rules, not only IPs? I removed most of the blocked IP entries in csf.deny.

How can I make sure the rules are not being deleted, while still using the DENY_IP_LIMIT setting?
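The thread above concerns two kinds of csf.deny entries: plain IP blocks, which DENY_IP_LIMIT rotates, and advanced port filters such as tcp:out:d=80::u=99, which the poster expects to stay. The following is an added example, not csf's own code and not a transcript of how csf or lfd actually rotate the file: it parses both entry kinds using the readme format quoted above (tcp/udp:in/out:s/d=port:s/d=ip:u=uid, with the one-colon and two-colon spellings both accepted), models a rotation that only counts plain IP entries, and offers a check that reports any advanced rule that went missing between a saved copy and the current file. The rotation model and the sample file contents are assumptions constructed for this example.

```python
"""Classify csf.deny entries and check that advanced rules survive rotation.

Added example for this thread, not csf's implementation. The rotation model
below (keep all advanced rules, keep only the newest DENY_IP_LIMIT plain IP
entries, file order = oldest first) is an assumption made for illustration.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample csf.deny contents (documentation addresses, not real blocks).
SAMPLE_CSF_DENY = """\
# constructed sample, not a real csf.deny
192.0.2.10 # lfd: (sshd) Failed SSH login
tcp:out:d=80::u=99 # block UID 99 (nobody) from opening outbound HTTP
198.51.100.7 # manual block
203.0.113.42 # lfd: (ftpd)
"""

PORT_RE = re.compile(r"^([sd])=(\d+)$")
IP_RE = re.compile(r"^([sd])=(.+)$")
UID_RE = re.compile(r"^u=(\d+)$")


@dataclass
class AdvancedRule:
    proto: str
    direction: str
    sport: Optional[int] = None
    dport: Optional[int] = None
    sip: Optional[str] = None
    dip: Optional[str] = None
    uid: Optional[int] = None


def strip_comment(line: str) -> str:
    """csf.deny allows a trailing '# comment'; drop it and surrounding whitespace."""
    return line.split("#", 1)[0].strip()


def is_plain_ip(entry: str) -> bool:
    """True for a bare address or CIDR block, the kind DENY_IP_LIMIT rotates."""
    try:
        ipaddress.ip_network(entry, strict=False)
        return True
    except ValueError:
        return False


def parse_advanced(entry: str) -> Optional[AdvancedRule]:
    """Parse tcp/udp:in/out:s/d=port:s/d=ip:u=uid; None if not an advanced rule.

    Fields are positional but an unused slot may be empty (d=80::u=99) or
    omitted entirely (d=80:u=99); both forms are accepted here.
    """
    fields = entry.split(":")
    if len(fields) < 3 or fields[0] not in ("tcp", "udp") or fields[1] not in ("in", "out"):
        return None
    rule = AdvancedRule(proto=fields[0], direction=fields[1])
    for field in fields[2:]:
        if field == "":
            continue  # empty slot, e.g. the unused ip position in d=80::u=99
        m = PORT_RE.match(field)
        if m:  # all-digit s=/d= value is a port
            if m.group(1) == "s":
                rule.sport = int(m.group(2))
            else:
                rule.dport = int(m.group(2))
            continue
        m = UID_RE.match(field)
        if m:
            rule.uid = int(m.group(1))
            continue
        m = IP_RE.match(field)
        if m:
            ipaddress.ip_network(m.group(2), strict=False)  # raises on junk
            if m.group(1) == "s":
                rule.sip = m.group(2)
            else:
                rule.dip = m.group(2)
            continue
        return None  # unknown field: not a rule we understand
    return rule


def prune(lines: List[str], deny_ip_limit: int) -> List[str]:
    """Model of rotation that never touches advanced rules or comment lines."""
    ip_idx = [i for i, l in enumerate(lines) if is_plain_ip(strip_comment(l))]
    excess = max(0, len(ip_idx) - deny_ip_limit)
    drop = set(ip_idx[:excess])  # oldest plain IP entries go first
    return [l for i, l in enumerate(lines) if i not in drop]


def lost_rules(before: List[str], after: List[str]) -> List[str]:
    """Advanced rules present in a saved copy but missing from the current file.

    Running this against a backup of csf.deny after an update or restart shows
    whether a UID/port filter silently disappeared.
    """
    present = {strip_comment(l) for l in after}
    return [strip_comment(l) for l in before
            if parse_advanced(strip_comment(l)) is not None and strip_comment(l) not in present]


if __name__ == "__main__":
    lines = SAMPLE_CSF_DENY.splitlines()
    kept = prune(lines, 2)
    print("\n".join(kept))
    print("lost advanced rules:", lost_rules(lines, kept))
```

With the sample above and a limit of 2, the oldest plain block (192.0.2.10) is dropped while the UID 99 rule and the two newer blocks remain. Pointing lost_rules at a backup of csf.deny and the live file is the quickest way to confirm whether a rule was removed, rather than relying on the iptables listing, which only shows what was loaded at the last restart.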