Thanks Ilia, nice addition to the forum.
Sergio
Search found 1106 matches
- 19 Feb 2014, 20:39
- Forum: Suggestions (csf)
- Topic: Listing order of Temporary IP entries
- Replies: 3
- Views: 5478
- 18 Feb 2014, 19:01
- Forum: General Discussion (csf)
- Topic: Squid custom regex to filter login failure
- Replies: 10
- Views: 16853
Re: Squid custom regex to filter login failure
It is not wasted time, I called learning time 

- 18 Feb 2014, 18:51
- Forum: General Discussion (csf)
- Topic: Squid custom regex to filter login failure
- Replies: 10
- Views: 16853
Re: Squid custom regex to filter login failure
By the way, it seems that LFD -r doesn't exist, you should use:
/etc/init.d/lfd restart
/etc/init.d/lfd restart
- 18 Feb 2014, 18:05
- Forum: General Discussion (csf)
- Topic: Squid custom regex to filter login failure
- Replies: 10
- Views: 16853
Re: Squid custom regex to filter login failure
Can you paste more lines of the errors that you want to block?
What is the log file where you are searching for these errors?
What is the log file where you are searching for these errors?
- 18 Feb 2014, 17:55
- Forum: General Discussion (csf)
- Topic: Squid custom regex to filter login failure
- Replies: 10
- Views: 16853
Re: Squid custom regex to filter login failure
Where in your error line is the " \[ " ? The line that you are showing has: 1392714132.861 0 1.2.3.4 TCP_DENIED/407 3922 CONNECT google.com:443 username HIER_NONE/- text/html So, the regex don't need any "\[" nor "\]" that doesn't exist. The regex should be something li...
- 15 Feb 2014, 01:47
- Forum: General Discussion (csf)
- Topic: To allow FTP access ONLY from 1 Country
- Replies: 3
- Views: 5441
Re: To allow FTP access ONLY from 1 Country
My purpose is to only allow 1 country, and drop all others to FTP access. Well, in that case you can do to grant access to port 21 to only one country, use: CC_ALLOW_PORTS = US CC_ALLOW_TCP = 21 CC_ALLOW_UDP = 21 "An example would be to list port 21 here and remove it from TCP_IN/UDP_IN then o...
- 14 Feb 2014, 18:51
- Forum: General Discussion (csf)
- Topic: Firewall Security Level
- Replies: 8
- Views: 10635
- 14 Feb 2014, 18:49
- Forum: General Discussion (csf)
- Topic: To allow FTP access ONLY from 1 Country
- Replies: 3
- Views: 5441
Re: To allow FTP access ONLY from 1 Country
Wilhelm,
instead of blocking all that countries, why don't you remove port 21 from TCP/UPD IN/OUT and creates the rules needed for the only IP that will be accessing your FTP port?
Just my 2 cents.
instead of blocking all that countries, why don't you remove port 21 from TCP/UPD IN/OUT and creates the rules needed for the only IP that will be accessing your FTP port?
Just my 2 cents.
- 14 Feb 2014, 18:28
- Forum: General Discussion (csf)
- Topic: I change the SSH port
- Replies: 5
- Views: 6134
Re: I change the SSH port
did you restarted sshd for the changes to take effect?
- 14 Feb 2014, 18:18
- Forum: General Discussion (csf)
- Topic: 50 SMTP attacks by day from a botnet
- Replies: 8
- Views: 12314
Re: 50 SMTP attacks by day from a botnet
Hi soupn, yes, we have created a system that does the following: 1. Check CSF for any of our rules are triggered. 2. If the IP trigger any of our rules the IP is blocked in CSF deny. 3. A cron is executed every few minutes and checks the IPs that has been blocked. 4. If the IP is from countries that...