Page 1 of 1

csf allow private ip, also allows public ips

Posted: 11 Nov 2022, 15:33
by mathewlijo
My WHM server is nat with private ip in the 10.10.1.0/24 range. I am looking to block 2087 access over the internet

eth0 10.10.1.5 Main/shared IP for: admin and others x.x.x.x

In my csf.allow I have the following config tcp|in|d=2087|d=10.10.1.0/24
and in csf.deny I have the following config tcp|in|s=2087|s=0.0.0.0/0

However, I can access the WHM page over the internet, outside of my network. Until last week this configuration was working and If I had to access remotely, I had to log in via VPN to my network. However last week, there was an issue with the VM and I had to reload a snapshot, post which this feature of CSF does not work.
If I remove the entry from csf.allow, then it blocks it from everywhere. Please let me know, what could have gone wrong.