Search found 15 matches

by websavers
15 Feb 2020, 20:15
Forum: General Discussion (csf)
Topic: CSF on VM - Virtuozzo 7 problems
Replies: 1
Views: 649

Re: CSF on VM - Virtuozzo 7 problems

At the bottom of this article: https://wiki.openvz.org/Setting_up_an_iptables_firewall

You'll find the likely solution:

to enable iptables you need to make sure that CT.conf(CT - id of your container, 100 for example) contains following line:

NETFILTER="full"

Then restart the container.
by websavers
17 Apr 2017, 22:28
Forum: General Discussion (csf)
Topic: Cluster restart csf -crs not working after 10.0.x
Replies: 4
Views: 1929

Re: Cluster restart csf -crs not working after 10.0.x

Except of course, now after auto-updates to CSF these changes are overwritten and now we're back to this problem of connections timing out.

Any word on whether we'll be able to configure the timeout value in a future release?
by websavers
10 Mar 2017, 01:43
Forum: General Discussion (csf)
Topic: Cluster restart csf -crs not working after 10.0.x
Replies: 4
Views: 1929

Re: Cluster restart csf -crs not working after 10.0.x

It appears this is caused by having a large number of rules on each of the cluster members. This causes the restart command on each box to take some time -- longer than the time provided to read the socket of just 5 seconds. To fix this, I changed the socket read time in /usr/bin/csf:702 as follows:...
by websavers
06 Mar 2017, 19:50
Forum: General Discussion (csf)
Topic: Cluster restart csf -crs not working after 10.0.x
Replies: 4
Views: 1929

Cluster restart csf -crs not working after 10.0.x

Hey, Since the update to v10 cluster restarts fail for every member. I run csf -crs or csf --crestart and get: Sent request to <ip0>, no reply Sent request to <ip1>, no reply Sent request to <ip2>, no reply Sent request to <ip3>, no reply Sent request to <ip4>, no reply Sent request to <ip5>, no rep...
by websavers
02 Feb 2017, 15:50
Forum: Suggestions (csf)
Topic: E-mail report daily summary
Replies: 2
Views: 1947

Re: E-mail report daily summary

I would love to see this too! When a large botnet starts attacking and CSF does its job, it results in 1000+ emails a day! Would much prefer to have a daily digest option with stats about number of IPs blocked, reason, etc.
by websavers
03 Mar 2016, 14:32
Forum: Suggestions (csf)
Topic: Include statements in ignore files
Replies: 8
Views: 5341

Re: Include statements in ignore files

StatusCake recommends dynamically adding their list of IPs to the firewall... except we can't do that programmatically with CSF because csf.ignore doesn't support Include. The simplest solution would be to have a simple Include line in csf.ignore, then run a script that obtains the latest list of St...
by websavers
14 Jul 2015, 00:45
Forum: Suggestions (csf)
Topic: LFD Dies if num log files exceed file descriptor limits
Replies: 3
Views: 2640

Re: LFD Dies if num log files exceed file descriptor limits

Thanks! I caught that in the changelog :) Nice to see all the IPv6 additions as well!
by websavers
13 Jul 2015, 13:20
Forum: Suggestions (csf)
Topic: Cluster read-only (w/o key) option
Replies: 1
Views: 1957

Cluster read-only (w/o key) option

We use clustering on all of our servers that are strictly controlled by us and it works great! The power of clustering comes in particularly handy when a DDoS attack is underway as denies for an entire botnet get distributed around to all of our servers if only one gets hit first, preventing future ...
by websavers
30 Jun 2015, 22:58
Forum: Suggestions (csf)
Topic: LFD Dies if num log files exceed file descriptor limits
Replies: 3
Views: 2640

LFD Dies if num log files exceed file descriptor limits

Hi there, I'm on a stock CentOS6 system and have configured csf to read all Plesk domain logs via file globbing. This works great generally, but on some servers with more than roughly 150 or so domains (particularly when we've got nginx and apache running), LFD is reading in a large number of log fi...
by websavers
05 Jun 2015, 03:44
Forum: General Discussion (csf)
Topic: CountryCode blocks applying to outgoing as well?
Replies: 2
Views: 1722

Re: CountryCode blocks applying to outgoing as well?

So the conclusions here are: 1. Even though the initial connection to the Parallels/Odin server is outgoing, any incoming traffic even if it originates from the outgoing session, will be blocked. 2. To provide an exception to CSF it must be placed in csf.ignore as csf.allow won't get around the CC r...