Safest way to expand upon CSF?
Posted: 09 Aug 2014, 08:48
I would like csf to add blocked IP's to an address list on a Mikrotik Cloud Router Switch or maybe Cloud Core Router, for blocking at the edge switch or router for my rack.
It's trivial to turn a CRS into a stealth firewall, just split off port 1 from the switchgroup and bridge it to the master port for the remaining ports. This would be the ideal place to filter traffic, as a hit on one server can then be blocked for everything, even the stuff that cant run CSF. There is an API to do this, with various languages available.
So my question really is, is there a way I can get CSF to call an external script, that won't be broken after every upgrade? Or is there a better way to do it?
Cheers, awesome script btw!
It's trivial to turn a CRS into a stealth firewall, just split off port 1 from the switchgroup and bridge it to the master port for the remaining ports. This would be the ideal place to filter traffic, as a hit on one server can then be blocked for everything, even the stuff that cant run CSF. There is an API to do this, with various languages available.
So my question really is, is there a way I can get CSF to call an external script, that won't be broken after every upgrade? Or is there a better way to do it?
Cheers, awesome script btw!