ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

SpamHaus/DShield overrides csf.allow

https://mail.forum.configserver.com/viewtopic.php?t=919

Page 1 of 1

SpamHaus/DShield overrides csf.allow

Posted: 18 Dec 2007, 14:23
by jimbo
We have found that IP addresses that you place in the csf.allow file are being overriden by SpamHaus and DShield banned IP addresses. We thought that the csf.allow would override anything in the csf.deny, SpamHaus, and DShield lists.

What is happening... is that with all the off-shore support stuff going on, that DShield/SpamHaus has some .PK IPs banned, yet one of our vendors use Pakistan for support and even with their IP in the csf.allow, they are blocked.

Thanks

Posted: 26 Dec 2007, 15:24
by chirpy
It shouldn't and if it is, then it's probably an iptables issue as the allow list comes before the block lists in the INPUT rule list. Check your iptables output that the allow IP's are coming before the block chain.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited