I see that csf blocked ips are logged in /var/log/messages.
Is there a way to have it log the name of the blocklist that triggered the block?
I am using /etc/csf/csf.blocklists to specify blocklists.
something like iptables "LOG --log-prefix "some name: " ?
thanks.
Log blocklist name
Re: Log blocklist name
You can see the name of the list if you search the IP at CSF tool, "Search for IP".
If blocked, it will output the occurrence, ie:
Sergio
If blocked, it will output the occurrence, ie:
Showing the block list name that blocked the IP.IPSET: Set:bl_PHISHIPS Match:14.154.94.125 Setting:PHISHIPS file:/etc/csf/csf.blocklists
Sergio
Re: Log blocklist name
Thank you Sergio.
Is that in a logfile somewhere? I don't know the IP to search for. Also would like to tail a file and see blocks that are occurring for a particular blocklist.
Is that in a logfile somewhere? I don't know the IP to search for. Also would like to tail a file and see blocks that are occurring for a particular blocklist.