Search found 7 matches

by linux4me
23 Jun 2020, 22:39
Forum: General Discussion (csf)
Topic: Blocking connections without blocking e-mail
Replies: 11
Views: 2860

Re: Blocking connections without blocking e-mail

The way I suggest doing it is to use CC_DENY_PORTS instead of CC_DENY. Put the list of countries you want to block all but email in the CC_DENY_PORTS field, then add the ports you want to block into the CC_DENY_PORTS_TCP and CC_DENY_PORTS_UDP fields. You may only want to block the access to your sit...
by linux4me
27 Apr 2020, 16:56
Forum: General Discussion (csf)
Topic: IPSET and CC_DENY No Longer Working?
Replies: 4
Views: 5407

Re: IPSET and CC_DENY No Longer Working?

Thanks for the update. It has been so long, I can't recall if I accepted the license agreement too, or just generated the key.

Have you found a way to see which IPs are getting blocked in the logs if you have IPSET running?
by linux4me
23 Apr 2020, 17:32
Forum: General Discussion (csf)
Topic: IPSET and CC_DENY No Longer Working?
Replies: 4
Views: 5407

Re: IPSET and CC_DENY No Longer Working?

I did get somewhere, though it wasn't a very satisfying journey. I checked and I do have the file /var/lib/csf/Geo/GeoLite2-Country-Blocks-IPv4.csv on my server. The solution I found involved two steps: Switching to the db-ip, ipverse, iptoasn databases (option 2) and abandoning MaxMind got some of ...
by linux4me
29 Feb 2020, 23:03
Forum: General Discussion (csf)
Topic: Problem connecting to ftp after enabling csf
Replies: 3
Views: 1539

Re: Problem connecting to ftp after enabling csf

If CSF is working correctly, you shouldn't have to allow an IP to use FTP. There is definitely something going wrong. You might get more responses if you post some system information; e.g., operating system, type of server (VPS, dedicated). The other thing that may help is to take a look at /var/log...
by linux4me
29 Feb 2020, 18:05
Forum: General Discussion (csf)
Topic: Problem connecting to ftp after enabling csf
Replies: 3
Views: 1539

Re: Problem connecting to ftp after enabling csf

The first thing I'd do is make sure you have the FTP ports open. If you're using the standard ports, 20 and 21, take a look at the IPv4 (and IPv6 if you're using it) settings and make sure ports 20 and 21 are listed in TCP_IN, TCP_OUT, UDP_IN, AND UDP_OUT. If you're using non-standard ports, you'll ...
by linux4me
28 Feb 2020, 21:01
Forum: General Discussion (csf)
Topic: IPSET and CC_DENY No Longer Working?
Replies: 4
Views: 5407

IPSET and CC_DENY No Longer Working?

I have been using IPSET and the MaxMind database to block a handful of countries with CC_DENY. It was working flawlessly, and in January, with the change in MaxMind's licensing, I signed up for a license key and entered it in CSF. I can see that the MaxMind GeoLite database is successfully downloade...
by linux4me
07 Jun 2019, 17:54
Forum: General Discussion (csf)
Topic: maxmind geolite2 country not available not anymore
Replies: 1
Views: 1196

Re: maxmind geolite2 country not available not anymore

I believe the GeoLite2 database is still available. It was the Legacy GeoLite database that was discontinued in January. Take a look at MaxMind's site and it shows you.