Hi,
I have a question: if I whitelist a whole /24, why do I still get mail notifications about blocked connections from those IP addresses? The same happens with a single whitelisted IP, and when I checked the iptables rules, the IP was added to the DROP list multiple times.
This happens on a generic install of CentOS 5.1 64-bit.
Whitelisted IPs still getting mail notifications.
Ahaaaa. I only did it with csf.allow. I used csf -a $ip from the command prompt. I will try the new one now.
One thing that I noticed is:
If I disable incoming ICMP, it still works. I disabled both rate limiting and incoming, and left only outgoing ping available. iptables -L -n shows for chain INPUT:
LOGDROPIN icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
Found this one too. I have to disable outgoing ICMP limiting, and then incoming ICMP works fine. Weird though.