Whitelisted IPs still getting mail notif.

Posted: 01 May 2008, 12:16
by katmai
Hi,

I've got a question: if I whitelist a whole /24, why do I still get mail notifications about blocked connections from those IP addresses? The same happens with a single whitelisted IP, and when I checked the iptables rules, the IP had been added to the DROP list multiple times.

This happens on a generic install of CentOS 5.1 64-bit.

Posted: 01 May 2008, 16:00
by chirpy
You don't say how you whitelist them - are you putting them in both csf.allow and csf.ignore and then restarting lfd? If not, then you're not doing it properly.
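
An added example, not part of the posts above or of csf itself: a small Python check that lists csf.allow entries which no csf.ignore entry covers, i.e. addresses that are allowed through the firewall but that lfd may still act on and report. It assumes both files hold one IP or CIDR per line with optional `#` comments; any other line (such as an advanced port rule) is skipped, and the sample data uses constructed documentation addresses.

```python
import ipaddress
import sys

# Constructed sample contents (documentation address ranges, not real hosts).
SAMPLE_ALLOW = """\
192.0.2.0/24 # office range
198.51.100.7 # added with csf -a
tcp|in|d=22|s=203.0.113.5
203.0.113.9
"""
SAMPLE_IGNORE = """\
127.0.0.1
192.0.2.0/24
203.0.113.0/24
"""

def parse_entries(text):
    """Return the IP networks found in csf.allow / csf.ignore style text."""
    nets = []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()  # drop trailing comment
        if not entry:
            continue
        try:
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            continue  # not a plain IP/CIDR line (assumed: advanced rule), skip
    return nets

def missing_from_ignore(allow_text, ignore_text):
    """Allowed networks that are not fully covered by any ignore entry."""
    ignored = parse_entries(ignore_text)
    missing = []
    for net in parse_entries(allow_text):
        covered = any(net.version == ig.version and net.subnet_of(ig)
                      for ig in ignored)
        if not covered:
            missing.append(str(net))
    return missing

if __name__ == "__main__":
    # Usage: script.py <path to csf.allow> <path to csf.ignore>
    with open(sys.argv[1]) as a, open(sys.argv[2]) as i:
        for net in missing_from_ignore(a.read(), i.read()):
            print("allowed but not ignored:", net)
```

Any address it prints still needs a csf.ignore entry, followed by the lfd restart mentioned above.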

Posted: 02 May 2008, 10:04
by katmai
Ahaaaa. I only did it with csf.allow; I used csf -a $ip from the command prompt. I will try the new one now.

One thing that I noticed is:

If I disable incoming ICMP, it still works. I disabled both rate limiting and incoming, and left only outgoing ping available. iptables -L -n shows this for chain INPUT:

LOGDROPIN icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0

Found this one too: I have to disable outgoing ICMP limiting, and then incoming ICMP works well. Weird though.