
Allow to monitor (not ignore by CSF) some local IPs

Posted: 20 Feb 2014, 09:39
by Ilia
I think it would be very very good if CSF could be configured to block some manually defined IPs that are found on the local interface.

Imagine you have 10 IPs in your eth0-range0. You use all of them as intended but one. Imagine that you initialize a proxy server on one of those IPs. It means if you (or anybody else) try to do something against the server, like a port scan or webmin/cpanel brute force attack, then CSF does nothing!? This is not right and potentially a security threat!?

I propose that in the configuration, there will be a field with comma-separated local IPs that CSF will monitor and block as normal IPs!!

What do you think? Is this hard to implement? Do I make sense?

Respectfully,
Ilia

Re: Allow to monitor (not ignore by CSF) some local IPs

Posted: 27 Feb 2014, 10:24
by ForumAdmin
We won't be implementing this. Local IP addresses should always be ignored. If you are running a proxy you should only ever allow trusted IP addresses to access it, otherwise you are opening a huge security hole on the server.

Re: Allow to monitor (not ignore by CSF) some local IPs

Posted: 27 Feb 2014, 10:29
by Ilia
I do! It's accessed via password on non-default port.

Still, if an admin wants to do it by tweaking special settings in the csf .conf file, I see why not.

My vote is for having this feature. It makes CSF more flexible.

Anyway, thank you for the amazing work!!