Server allowing all connections regardless of csf.

Posted: 26 Aug 2014, 17:23
by optize
This issue is making me crazy. One of our servers is accepting connections on all ports even though they are not specified in csf.conf; it's like iptables isn't even running, even though it is.

Is there anything we can add to log all packets (and their iptables rule) so we can figure out why these packets are being accepted, despite being in the TCP_IN list?

Re: Server allowing all connections regardless of csf.

Posted: 26 Aug 2014, 17:45
by ForumAdmin
Check that your ETH_* options are all empty in csf.conf. Check /etc/csf/csf.allow to ensure the IP, or a CIDR containing the IP, is not listed (e.g. we've seen cases where people have whitelisted 0.0.0.0/1). Ensure DROP = "DROP" in csf.conf. Restart csf after making any changes and retry immediately, in case something external to csf on your server is adding iptables rules.

If running a custom kernel then that's the next thing to check.

Re: Server allowing all connections regardless of csf.

Posted: 30 Aug 2014, 18:47
by optize
Found it - there was an entry in csf.allow for 10.0.0.0/0, which CSF was treating as 0.0.0.0/0
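The checks ForumAdmin lists, and the over-broad csf.allow entry optize found, as an added shell audit; this is not csf's own code and was not part of the original thread. The sample csf.conf and csf.allow files are constructed, the "/8 or shorter is suspicious" threshold is an assumption, and the function names are mine. Point the functions at /etc/csf/csf.conf and /etc/csf/csf.allow to run it on a real server.

```shell
#!/bin/sh
# Added audit helper (not part of csf). Flags csf.allow entries whose prefix
# length is so short that they whitelist most or all of the Internet, and
# reports the csf.conf settings ForumAdmin asked about (ETH_* and DROP).

# Assumption: a whitelist block broader than /8 is almost never intended.
MAX_SUSPICIOUS_PREFIX=8

# Prefix length of one IPv4 entry: "192.0.2.10" -> 32, "10.0.0.0/0" -> 0.
prefix_len() {
    case "$1" in
        */*) echo "${1#*/}" ;;
        *)   echo 32 ;;
    esac
}

# Print every csf.allow entry in $1 that is broader than /$MAX_SUSPICIOUS_PREFIX.
# Comments (# ...) and blank lines are ignored; for advanced entries such as
# "tcp|in|d=22|s=198.51.100.7" the s= address is inspected; IPv6 is skipped.
broad_allow_entries() {
    sed -e 's/#.*//' "$1" | awk 'NF { print $1 }' | while read -r entry; do
        case "$entry" in
            *'|'*)
                addr=$(printf '%s\n' "$entry" | tr '|' '\n' | sed -n 's/^s=//p')
                [ -n "$addr" ] || continue
                ;;
            *) addr="$entry" ;;
        esac
        case "$addr" in *:*) continue ;; esac
        len=$(prefix_len "$addr")
        if [ "$len" -lt "$MAX_SUSPICIOUS_PREFIX" ]; then
            printf '%s\n' "$entry"
        fi
    done
}

# Value of a quoted csf.conf option: conf_value FILE NAME  ->  DROP = "DROP" gives DROP
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1"
}

# Print one line per csf.conf problem from ForumAdmin's list; silent if all is well.
conf_problems() {
    # Any ETH_* option (ETH_DEVICE, ETH6_DEVICE, ETH_DEVICE_SKIP) with a value.
    awk -F'"' '/^[[:space:]]*ETH[A-Z0-9_]*[[:space:]]*=/ && $2 != "" {
        name = $1; sub(/[[:space:]]*=[[:space:]]*$/, "", name)
        print name " = \"" $2 "\" (should be empty)"
    }' "$1"
    drop=$(conf_value "$1" DROP)
    [ "$drop" = "DROP" ] || echo "DROP = \"$drop\" (expected DROP)"
}

# Constructed sample files standing in for /etc/csf/csf.allow and csf.conf.
# They are left in $SAMPLE_DIR; remove it with rm -r "$SAMPLE_DIR" when done.
SAMPLE_DIR=$(mktemp -d)
SAMPLE_ALLOW="$SAMPLE_DIR/csf.allow"
SAMPLE_CONF_OK="$SAMPLE_DIR/csf.conf.ok"
SAMPLE_CONF_BAD="$SAMPLE_DIR/csf.conf.bad"

cat > "$SAMPLE_ALLOW" <<'EOF'
# constructed sample csf.allow
192.0.2.10                 # office
203.0.113.0/24             # monitoring hosts
10.0.0.0/0                 # meant to be 10.0.0.0/8: this is the thread's culprit
tcp|in|d=22|s=198.51.100.7
EOF

cat > "$SAMPLE_CONF_OK" <<'EOF'
TESTING = "0"
ETH_DEVICE = ""
ETH6_DEVICE = ""
ETH_DEVICE_SKIP = ""
TCP_IN = "22,80,443"
DROP = "DROP"
EOF

cat > "$SAMPLE_CONF_BAD" <<'EOF'
TESTING = "0"
ETH_DEVICE = "eth0"
ETH6_DEVICE = ""
TCP_IN = "22,80,443"
DROP = "REJECT"
EOF

echo "broad csf.allow entries:"
broad_allow_entries "$SAMPLE_ALLOW"
echo "csf.conf problems:"
conf_problems "$SAMPLE_CONF_BAD"
```

A /0 prefix keeps zero network bits, so it matches every address whatever network it is written with; 10.0.0.0/0 and 0.0.0.0/0 are the same rule, which is why the entry optize found opened the server to everyone. The audit only looks at prefix length, so it reports the entry regardless of the network part.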