Search found 15 matches
- 23 Apr 2018, 16:50
- Forum: Report Bugs (csf)
- Topic: 'Include' in csf.dyndns not working properly
- Replies: 1
- Views: 4554
'Include' in csf.dyndns not working properly
I received these errors in /var/log/lfd.log when trying to use an Include in csf.dyndns Apr 23 16:03:41 mail1 lfd[10847]: DynDNS: Lookup for [Include] failed Apr 23 16:13:33 mail1 lfd[11373]: DynDNS: Lookup for [Include] failed Apr 23 16:23:34 mail1 lfd[11749]: DynDNS: Lookup for [Include] failed Ap...
- 23 Apr 2018, 16:27
- Forum: Report Bugs (csf)
- Topic: "Include" in csf.redirect causing error
- Replies: 1
- Views: 4143
"Include" in csf.redirect causing error
I attempted to use an include in csf.redirect and received this error on executing csf -ra. Error: csf: Incorrect csf.redirect setting ([]): [Include /etc/csf/csf.redirect.local], at line 3172 I removed the Include line and started csf with no issue. Point of clarification: The readme.txt specifical...
- 03 Apr 2018, 16:08
- Forum: Suggestions (csf)
- Topic: GREENSNOW blocklist address change
- Replies: 1
- Views: 3452
GREENSNOW blocklist address change
Hello, The address for the blocklist has changed to SSL only - https://blocklist.greensnow.co/greensnow.txt. Accessing it using http: results in an error page. WIth http: address: Apr 3 15:35:45 mail1 lfd[21292]: Unable to retrieve blocklist GREENSNOW - Unable to download: No Host option provided Ap...
- 21 Dec 2017, 03:27
- Forum: Suggestions (csf)
- Topic: Conntrack doesn't work by default on kernels 4.7+
- Replies: 3
- Views: 9245
Re: Conntrack doesn't work by default on kernels 4.7+
Thanks for the post. A great explanation. You may also see in your logs this message: Dec 14 03:40:15 mail kernel: nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. Al...
- 12 Jun 2015, 18:39
- Forum: General Discussion (csf)
- Topic: Deciding which blocklists to use
- Replies: 4
- Views: 5298
Re: Deciding which blocklists to use
Yes, I'm still around. I still use this methodology so my blocklists are the same. I haven't conducted any additional analyses in a few months but I suspect that it continues to hold true as my numbers were roughly the same with subsequent analyses. The main point for me is that CIDR covers so many ...
- 11 Apr 2014, 04:22
- Forum: General Discussion (csf)
- Topic: Deciding which blocklists to use
- Replies: 4
- Views: 5298
Deciding which blocklists to use
I have a small VPS that I run and am always looking at things I can do to make my system more secure as well as increase performance with my limited resources, two things that sometimes conflict. After a discussion the other day with a friend about blocklists, number of iptables rules and performanc...
- 05 Apr 2014, 18:42
- Forum: General Discussion (csf)
- Topic: csf.blocklists - Invalid URL for Russian Business Networks
- Replies: 3
- Views: 5658
Re: csf.blocklists - Invalid URL for Russian Business Networ
Okay. Thanks.
I understand that each URL is scanned for an IPv4/CIDR address per line. Are duplicate ips removed? For example, if I want to add Shadowserver C&C will the duplicate DShield entries in that list be removed?
I understand that each URL is scanned for an IPv4/CIDR address per line. Are duplicate ips removed? For example, if I want to add Shadowserver C&C will the duplicate DShield entries in that list be removed?
- 05 Apr 2014, 17:41
- Forum: General Discussion (csf)
- Topic: csf.blocklists - Invalid URL for Russian Business Networks
- Replies: 3
- Views: 5658
csf.blocklists - Invalid URL for Russian Business Networks
Hello, The URL in csf.blocklists is invalid: #RBN|86400|0|http://rules.emergingthreats.net/blockrules/rbn-ips.txt I went through the EmergingThreats website and found these links which may be of interest: Detail: http://doc.emergingthreats.net/bin/view/Main/RussianBusinessNetwork - lists a number of...
- 13 Aug 2012, 16:19
- Forum: Suggestions (csf)
- Topic: Addition of Spamhaus extended DROP (EDROP) list
- Replies: 5
- Views: 7811
Re: Addition of Spamhaus extended DROP (EDROP) list
Great. Thanks.
Terry
Terry
- 30 Jul 2012, 18:41
- Forum: Suggestions (csf)
- Topic: Suggested change to Exim SMTP AUTH regex
- Replies: 7
- Views: 8769
Re: Suggested change to Exim SMTP AUTH regex
Have you resolved this? I tested your log lines against the regex in regex.pm and they matched.
Terry
Terry