ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

Shortly after adding internal CIDR to csf.allow connection to integrated Web-UI not possible

https://mail.forum.configserver.com/viewtopic.php?t=10687

Page 1 of 1

Shortly after adding internal CIDR to csf.allow connection to integrated Web-UI not possible

Posted: 08 Feb 2018, 20:30
by MacGyver2018
Dear all,

I just setup CSF.

My home network works within 192.168.178.0/24 .
My plan was to only (mainly) allow internal connections to and from the server on which CSF has been installed.

Therefore I started with adding 102.168.178.0/24 to csf.allow:

Code: Select all

###############################################################################
# Copyright 2006-2017, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following IP addresses will be allowed through iptables.
# One IP address per line.
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24).
# Only list IP addresses, not domain names (they will be ignored)
#
# Advanced port+ip filtering allowed with the following format
# tcp/udp|in/out|s/d=port|s/d=ip
# See readme.txt for more information
#
# Note: IP addressess listed in this file will NOT be ignored by lfd, so they
# can still be blocked. If you do not want lfd to block an IP address you must
# add it to csf.ignore
#192.168.178.156 # csf SSH installation/upgrade IP address - Thu Feb  8 06:09:47 2018
192.168.178.0/24 # Heimnetz Zugriff erlauben
The first line has been added automagically on setup > with this setting [with same IP in ui.allow and opened port 6666] the integrated Web-UI works just fine.

If I comment out the first line and use the second line then shortly (1-2 minutes I assume) after restarting CSF/LFD the Web-UI is not reachable.

If I revert that change via SSH (stayed loged on) back to the original setting (first line) than the Web-UI is reachable again.

Any suggestions why this happens?

Best regards,
MacGyver2018

Re: Shortly after adding internal CIDR to csf.allow connection to integrated Web-UI not possible

Posted: 09 Feb 2018, 12:32
by tfetfetfe
Hmmm, maybe there is some bug in CSF and allow/deny have an opposite effect.

I can not block an IP range as I have reported here:
viewtopic.php?f=6&t=10685

and you tell that whitelisting a IP range in reality blocks that range.

Unfortunately, there are only questions on this forum. and no answers.

Re: Shortly after adding internal CIDR to csf.allow connection to integrated Web-UI not possible

Posted: 09 Feb 2018, 12:56
by iodisciple
It seems that basic functionality does not work and as said there are only questions. I'm still positive that I might be doing things wrong so I just wait for a while, but when questions can't be answered in a week or 2 I'll switch to another solution. I hope it will be answered though since I have about 8 servers running now with CSF/LFD...
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited