ConfigServer Community Forum

I cannot get to the settings of dshield and spamhaus, I have revised the whole settings but these are gone I remember they were under global lists/dyndns/blcoklists but I have no option. I tried adding the médium level and also I get this:

Enable IP range blocking using the DShield Block List 0 86400 86400
Enable IP range blocking using the Spamhaus DROP List 0 86400 86400

Under current I get nothing.

I am using latest v 6.37

Can anyone help?

Regartds

I have this exact same problem. Is there a way to get those features turned on?

Have you turned the lists on, at the LFD BLOCKLIST button?

When I click "lfd Blocklists" (I'm accessing this through WHM), it lets me edit the file "csf.blocklists". The lines for SPAMDROP, SPAMEDROP, and DSHIELD are not commented out. There's is nothing to enable.

When I click "Firewall Configuration", and select "Global Lists/DYNDNS/Blacklists", there is no area to change the settings for LF_DSHIELD or LF_SPAMHAUS and others.

If I click "Firewall Security Level" and choose medium or high, of which should enable blocklists, and after it restarts and I look at currrent, it's just blank. No numbers. It's as if these features don't exist.

Any ideas?

Commenting the lines out mean enable them.

Check that DSHIELD line is as follows:
DSHIELD|86400|0|http://feeds.dshield.org/block.txt

That is what is working for me.

My setting looks like that. Does this mean they are already actually enabled and I didn't know it? Anyway to verify?

Enter into ConfigServer Security&Firewall then to VIEW IPTABLE RULES then search for DSHIELD, that will show the iptable rules for dshield.

On the other hand, search in your /etc/csf if there is not the old configuration file.

I have this under csf.blocklists:

#
# Each URL is scanned for an IPv4/CIDR address per line and if found is blocked

# Spamhaus Don't Route Or Peer List (DROP)
# Details: http://www.spamhaus.org/drop/
SPAMDROP|86400|0|http://www.spamhaus.org/drop/drop.lasso

# Spamhaus Extended DROP List (EDROP)
# Details: http://www.spamhaus.org/drop/
SPAMEDROP|86400|0|http://www.spamhaus.org/drop/edrop.lasso

# DShield.org Recommended Block List
# Details: http://dshield.org
DSHIELD|86400|0|http://feeds.dshield.org/block.txt

And there is still no option of spamhaus or dshield

also have this under view ip tables rules:

Chain DSHIELD (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP all -- * * 85.233.64.0/24 0.0.0.0/0
2 4 160 DROP all -- * * 1.182.127.0/24 0.0.0.0/0
3 194 12670 DROP all -- * * 54.234.239.0/24 0.0.0.0/0
4 0 0 DROP all -- * * 210.149.29.0/24 0.0.0.0/0
5 0 0 DROP all -- * * 31.6.71.0/24 0.0.0.0/0
6 0 0 DROP all -- * * 5.79.65.0/24 0.0.0.0/0
7 0 0 DROP all -- * * 211.142.197.0/24 0.0.0.0/0
8 0 0 DROP all -- * * 184.106.154.0/24 0.0.0.0/0
9 0 0 DROP all -- * * 86.98.50.0/24 0.0.0.0/0
10 4 160 DROP all -- * * 222.186.24.0/24 0.0.0.0/0
11 0 0 DROP all -- * * 60.173.10.0/24 0.0.0.0/0
12 0 0 DROP all -- * * 70.36.101.0/24 0.0.0.0/0
13 0 0 DROP all -- * * 113.200.250.0/24 0.0.0.0/0
14 0 0 DROP all -- * * 178.184.12.0/24 0.0.0.0/0
15 0 0 DROP all -- * * 180.153.113.0/24 0.0.0.0/0
16 0 0 DROP all -- * * 216.145.110.0/24 0.0.0.0/0
17 0 0 DROP all -- * * 193.219.163.0/24 0.0.0.0/0
18 0 0 DROP all -- * * 86.188.230.0/24 0.0.0.0/0
19 0 0 DROP all -- * * 77.30.74.0/24 0.0.0.0/0
20 0 0 DROP all -- * * 62.149.24.0/24 0.0.0.0/0

Chain LOCALINPUT (1 references)
num pkts bytes target prot opt in out source destination
1 26M 9020M ALLOWIN all -- !lo * 0.0.0.0/0 0.0.0.0/0
2 25M 8771M DENYIN all -- !lo * 0.0.0.0/0 0.0.0.0/0
3 25M 8770M CC_DENY all -- !lo * 0.0.0.0/0 0.0.0.0/0
4 17M 6812M DSHIELD all -- !lo * 0.0.0.0/0 0.0.0.0/0
5 17M 6657M SPAMEDROP all -- !lo * 0.0.0.0/0 0.0.0.0/0
6 16M 6438M BOGON all -- !lo * 0.0.0.0/0 0.0.0.0/0
7 16M 6438M SPAMDROP all -- !lo * 0.0.0.0/0 0.0.0.0/0

@screege,
then, DSHIELD is working on your firewall as well as SPAMDROP and SPAMEDROP.