Search found 9 matches

by deviancelabs
09 Aug 2007, 08:48
Forum: Suggestions (csf)
Topic: ConfigServer Security&Firewall
Replies: 3
Views: 5157

You can put your own rules in either "/etc/csf/csfpost.sh" or "/etc/csf/csfpre.sh" files. Create them if they don't exist and make sure to set the exec permissions on them.
by deviancelabs
04 Jun 2007, 14:20
Forum: Suggestions (csf)
Topic: remove entries from csf.deny from command line
Replies: 6
Views: 11963

Dude, I'm not arguing what you want to do 9 times out 10 and I don't know what your needs are when it comes to using CSF. Also I'm not going to analyze my or others posts to discover some hidden meanings or what they imply and what they don't. If it happened that you misunderstood what this threads ...
by deviancelabs
04 Jun 2007, 13:20
Forum: Suggestions (csf)
Topic: remove entries from csf.deny from command line
Replies: 6
Views: 11963

brianoz: you haven't notice the slight difference between whitelisting an IP and removing it from the blacklist. While I agree that what you said is accurate, I need to point out that there are cases where an IP gets blacklisted and I simply want to remove it from the blacklist (using the command li...
by deviancelabs
04 Jun 2007, 13:07
Forum: Suggestions (csf)
Topic: Temporary Blocks
Replies: 4
Views: 5789

You have my vote on that too :)
by deviancelabs
04 Jun 2007, 13:02
Forum: Suggestions (csf)
Topic: remove entries from csf.deny from command line
Replies: 6
Views: 11963

The command

Code: Select all

csf -a IP
adds an IP to csf.allow which is not the same as removing an IP from csf.deny. read the instructions again.

I too agree with Zeth that such an option would be really handy sometimes.
by deviancelabs
29 May 2007, 16:39
Forum: Suggestions (csf)
Topic: csf and advanced filters
Replies: 4
Views: 5858

So I noticed :) Thanks and keep up the good work!
by deviancelabs
25 May 2007, 18:29
Forum: Suggestions (csf)
Topic: csf and advanced filters
Replies: 4
Views: 5858

I see your point here but in my opinion, enforcing a thing like this in your script defeats the whole purpose of "advanced filtering" and kind of gets away from the idea of flexibility that csf is so popular for. Even if the cases where a filtering is done based on source port and/or UID/G...
by deviancelabs
25 May 2007, 00:52
Forum: Suggestions (csf)
Topic: csf and advanced filters
Replies: 4
Views: 5858

csf and advanced filters

I noticed that filtering based on UID or GID of source packet in "csf.allow" works only if "d=port" is specified. I think it would be nice to make "s/d=port" setting optional (unless you had a good reason to design it like that) Relevant code in csf.pl:line 852: if (($u...
by deviancelabs
13 Dec 2006, 22:42
Forum: Suggestions (csf)
Topic: csf features additions
Replies: 2
Views: 4828

csf features additions

Hi, First of all I'd like to thank you for releasing such a wonderful piece of freeware; when I first used it, it just blew me - all those apf+bfd limitations are now finally solved through this neat software. It's just great! But I'd still like to see a couple of more features which I'm sure a lot ...