ConfigServer Community Forum

Is there any way currently to include additional ip blocklists into csf.deny via external files? I know csf.blocklists can download lists, but I am talking about local files that csf would not touch other than to import them when csf.deny is loaded Such lists would be treated as "do not delete&...

I vaguely remember not being able to enable TLS despite the UI_SSL_VERSION setting being added. Do you know if there are perl libraries we use to allow TLS instead of SSLv3 which is now unsafe because of "POODLE" ? Update: nevermind, I just realized I have SSLv3 in my browser disabled and ...

Thanks for the quick response. I upgraded to 7.15 and then tried this again: csf -ta 85.10.199.177 60 -d out which strangely still fails to reach download.configserver.com I have to leave off the -d out for it to work Am I misunderstanding how the http protocol works, shouldn't only outbound be need...

You have to use spaces after the options, so: csf -ta 85.10.199.177 60 -p 80 -d out bash usually figures out spaceless options on it's own and can tolerate them But even trying it with spaces fails so it is not that simple. I am pretty sure it is because 80 is the destination port not the local por...

I realized this week that I may not properly understand the -ta mode of csf So now we have to punch a hole through the firewall to allow csf upgrades so at first glance I tried this /usr/sbin/csf -ta 85.10.199.177 60 -p80 -dout But nope, that won't work tried -dinout but nope that is not the problem...

Just a guess on my part but you aren't running the stock kernel? ovh likes to throw grsecurity kernel on there which seems to break iptables with csf what is the output from uname -a (you can remove your server name, just care about the kernel part after) I know on centos is it easy to replace the g...

Ah, apparently ifconfig is not installed for some crazy reason by default.

But it is in net-tools

yum install net-tools

solves the problem.

Hope this helps all the people googling for why csf does not install on their centos 7

CentOS 7 rc1 is out today and was testing it with CSF http://mirror.centos.org/centos/7/os/x86_64/ http://isoredirect.centos.org/centos/7/isos/x86_64/ seems it cannot find ifconfig after install: *** USE_CONNTRACK Enabled open3: exec of /sbin/ifconfig failed at ./auto.generic.pl line 153. csf -r Err...

Ah that is good to hear. CSF would have held me back from adopting CentOS 7, it is that important.

Keep up the great work!

I've been reading up on RHEL7 and July's release of CentOS 7 and I am very concerned by the change to systemd

It affects syslog and init.d and cron which seems like a pretty big change.

Does CSF work on systemd based nix?

Or do we need to stick with CentOS 6 and wait awhile.