Search found 15 matches

Search found 15 matches Page 1 of 2
by websavers
17 Apr 2017, 22:28
Forum: General Discussion (csf)
Topic: Cluster restart csf -crs not working after 10.0.x
Replies: 4
Views: 1454

Except of course, now after auto-updates to CSF these changes are overwritten and now we're back to this problem of connections timing out.

Any word on whether we'll be able to configure the timeout value in a future release?
by websavers
10 Mar 2017, 01:43
Forum: General Discussion (csf)
Topic: Cluster restart csf -crs not working after 10.0.x
Replies: 4
Views: 1454

It appears this is caused by having a large number of rules on each of the cluster members. This causes the restart command on each box to take some time -- longer than the time provided to read the socket of just 5 seconds. To fix this, I changed the socket read time in /usr/bin/csf:702 as follows:...
by websavers
06 Mar 2017, 19:50
Forum: General Discussion (csf)
Topic: Cluster restart csf -crs not working after 10.0.x
Replies: 4
Views: 1454

Hey, Since the update to v10 cluster restarts fail for every member. I run csf -crs or csf --crestart and get: Sent request to <ip0>, no reply Sent request to <ip1>, no reply Sent request to <ip2>, no reply Sent request to <ip3>, no reply Sent request to <ip4>, no reply Sent request to <ip5>, no rep...
by websavers
02 Feb 2017, 15:50
Forum: Suggestions (csf)
Topic: E-mail report daily summary
Replies: 2
Views: 1463

I would love to see this too! When a large botnet starts attacking and CSF does its job, it results in 1000+ emails a day! Would much prefer to have a daily digest option with stats about number of IPs blocked, reason, etc.
by websavers
03 Mar 2016, 14:32
Forum: Suggestions (csf)
Topic: Include statements in ignore files
Replies: 8
Views: 4317

StatusCake recommends dynamically adding their list of IPs to the firewall... except we can't do that programmatically with CSF because csf.ignore doesn't support Include. The simplest solution would be to have a simple Include line in csf.ignore, then run a script that obtains the latest list of St...
by websavers
14 Jul 2015, 00:45
Forum: Suggestions (csf)
Topic: LFD Dies if num log files exceed file descriptor limits
Replies: 3
Views: 2147

Thanks! I caught that in the changelog :) Nice to see all the IPv6 additions as well!
by websavers
13 Jul 2015, 13:20
Forum: Suggestions (csf)
Topic: Cluster read-only (w/o key) option
Replies: 1
Views: 1607

We use clustering on all of our servers that are strictly controlled by us and it works great! The power of clustering comes in particularly handy when a DDoS attack is underway as denies for an entire botnet get distributed around to all of our servers if only one gets hit first, preventing future ...
by websavers
30 Jun 2015, 22:58
Forum: Suggestions (csf)
Topic: LFD Dies if num log files exceed file descriptor limits
Replies: 3
Views: 2147

Hi there, I'm on a stock CentOS6 system and have configured csf to read all Plesk domain logs via file globbing. This works great generally, but on some servers with more than roughly 150 or so domains (particularly when we've got nginx and apache running), LFD is reading in a large number of log fi...
by websavers
05 Jun 2015, 03:44
Forum: General Discussion (csf)
Topic: CountryCode blocks applying to outgoing as well?
Replies: 2
Views: 1327

So the conclusions here are: 1. Even though the initial connection to the Parallels/Odin server is outgoing, any incoming traffic even if it originates from the outgoing session, will be blocked. 2. To provide an exception to CSF it must be placed in csf.ignore as csf.allow won't get around the CC r...
by websavers
01 May 2015, 03:08
Forum: General Discussion (csf)
Topic: CountryCode blocks applying to outgoing as well?
Replies: 2
Views: 1327

Hey there, We had an issue wherein a server couldn't reach the Plesk licensing server, even with port 5224 added to the egress rules. We had RU added to the CC_DENY config which was very clearly the cause (I found the blocked range in iptables). After removing RU from CC_DENY, all worked fine. I had...
Search found 15 matches Page 1 of 2