Search found 1106 matches

by Sergio
19 Feb 2014, 20:39
Forum: Suggestions (csf)
Topic: Listing order of Temporary IP entries
Replies: 3
Views: 5478

Re: Listing order of Temporary IP entries

Thanks Ilia, nice addition to the forum.

Sergio
by Sergio
18 Feb 2014, 19:01
Forum: General Discussion (csf)
Topic: Squid custom regex to filter login failure
Replies: 10
Views: 16853

Re: Squid custom regex to filter login failure

It is not wasted time, I called learning time :)
by Sergio
18 Feb 2014, 18:51
Forum: General Discussion (csf)
Topic: Squid custom regex to filter login failure
Replies: 10
Views: 16853

Re: Squid custom regex to filter login failure

By the way, it seems that LFD -r doesn't exist, you should use:
/etc/init.d/lfd restart
by Sergio
18 Feb 2014, 18:05
Forum: General Discussion (csf)
Topic: Squid custom regex to filter login failure
Replies: 10
Views: 16853

Re: Squid custom regex to filter login failure

Can you paste more lines of the errors that you want to block?

What is the log file where you are searching for these errors?
by Sergio
18 Feb 2014, 17:55
Forum: General Discussion (csf)
Topic: Squid custom regex to filter login failure
Replies: 10
Views: 16853

Re: Squid custom regex to filter login failure

Where in your error line is the " \[ " ? The line that you are showing has: 1392714132.861 0 1.2.3.4 TCP_DENIED/407 3922 CONNECT google.com:443 username HIER_NONE/- text/html So, the regex don't need any "\[" nor "\]" that doesn't exist. The regex should be something li...
by Sergio
15 Feb 2014, 01:47
Forum: General Discussion (csf)
Topic: To allow FTP access ONLY from 1 Country
Replies: 3
Views: 5441

Re: To allow FTP access ONLY from 1 Country

My purpose is to only allow 1 country, and drop all others to FTP access. Well, in that case you can do to grant access to port 21 to only one country, use: CC_ALLOW_PORTS = US CC_ALLOW_TCP = 21 CC_ALLOW_UDP = 21 "An example would be to list port 21 here and remove it from TCP_IN/UDP_IN then o...
by Sergio
14 Feb 2014, 18:49
Forum: General Discussion (csf)
Topic: To allow FTP access ONLY from 1 Country
Replies: 3
Views: 5441

Re: To allow FTP access ONLY from 1 Country

Wilhelm,
instead of blocking all that countries, why don't you remove port 21 from TCP/UPD IN/OUT and creates the rules needed for the only IP that will be accessing your FTP port?

Just my 2 cents.
by Sergio
14 Feb 2014, 18:28
Forum: General Discussion (csf)
Topic: I change the SSH port
Replies: 5
Views: 6134

Re: I change the SSH port

did you restarted sshd for the changes to take effect?
by Sergio
14 Feb 2014, 18:18
Forum: General Discussion (csf)
Topic: 50 SMTP attacks by day from a botnet
Replies: 8
Views: 12314

Re: 50 SMTP attacks by day from a botnet

Hi soupn, yes, we have created a system that does the following: 1. Check CSF for any of our rules are triggered. 2. If the IP trigger any of our rules the IP is blocked in CSF deny. 3. A cron is executed every few minutes and checks the IPs that has been blocked. 4. If the IP is from countries that...