Page 2 of 2
Re: IP from China caught in logs by lfd even though CN country-blocked
Posted: 05 Jan 2020, 21:53
by chadreitsma
Thank Kdub, I'll try without IPSET to see if that helps. I have CentOS7 so I don't really understand what the issue is.
Are you using cPanel or Plesk? They have great migration tools, I was able to migrate all of my clients to a new server with those
Re: IP from China caught in logs by lfd even though CN country-blocked
Posted: 05 Jan 2020, 22:16
by kdub
chadreitsma wrote: ↑05 Jan 2020, 21:53
Thank Kdub, I'll try without IPSET to see if that helps. I have CentOS7 so I don't really understand what the issue is.
Are you using cPanel or Plesk? They have great migration tools, I was able to migrate all of my clients to a new server with those
I just found this announcement regarding changes to accessing the maxmind geoip database. This could certainly be your problem:
https://blog.configserver.com/?p=3564
Since you're on CentOS 7 I'd expect it to work. Also, make sure you have installed and updated all the dependencies
Code: Select all
yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes perl-LWP-Protocol-https.noarch perl-GDGraph
ipset
and try running the csftest script to verify all is well.
Code: Select all
cd /usr/local/csf/bin/
perl csftest.pl
Re: IP from China caught in logs by lfd even though CN country-blocked
Posted: 05 Jan 2020, 22:23
by chadreitsma
Hey Kdub, no - I have that working correctly - thank-you though.
I just realized what I did wrong, I forgot to remove the entries from TCP_IN, and TCP_OUT! This config works now:
TCP_IN: <empty>
CC_ALLOW: US,CA
LF_IPSET: on
FASTSTART: Off
Thanks again for your help!
Cheers,
C.