csf version 4.80 : IPs not blocked

Marie · Post by **Marie** » 20 Oct 2009, 13:10

I'm seeing the same behaviour on all servers running csf 4.80 :

An IPs triggers csf, it gets added to /etc/csf.deny, but it is not blocked :

[14:01:51] root@hetz81 [~]# grep 67.218.xxx.xxx /etc/csf/csf.deny
TCP:IN:D=80:S=67.218.xxx.xxx # lfd: 5 (mod_security) login failures from 67.218.xxx.xxx in the last 300 secs - Tue Oct 20 04:37:45 2009
TCP:IN:D=443:S=67.218.xxx.xxx # lfd: 5 (mod_security) login failures from 67.218.xxx.xxx in the last 300 secs - Tue Oct 20 04:37:45 2009

[14:04:07] root@hetz81 [~]# csf -g 67.218.xxx.xxx

Chain num pkts bytes target prot opt in out source destination
No matches found for 67.218.xxx.xxx in iptables

Looks like a case sensitive issue ? TCP:IN:D should be tcp:in:d, right ?

Post by **ForumAdmin** » 20 Oct 2009, 14:50

I'll have a look into that and hopefully have a bug fix out in a short while.

Post by **ForumAdmin** » 20 Oct 2009, 15:04

v4.81 which is just now being released should fix this.

Marie · Post by **Marie** » 20 Oct 2009, 16:37

You were fast, it's fixed !

Thank you so much !!!