I can see that there is an option for Include /etc/csf/csf.alsoallow
Is there a similat alsodeny or alsoblock ?
I would like to set up a facility to automatically update a list of blocked IP address (from Wizcrafts).
Perhaps I am going about this the wrong way. Does anybody have any suggestions for a better approach? What is the easiest, most-automated way to add block lists to iptables?...
Have been trying to find a command to block an ip in the cluster but cannot seem to find it.
I use csf -d ip but how can I get that out to the cluster?
Are there any commands for that?
I've installed CSF but I got some problem. I've a django application that write on my database if I make a POST on this url
If I make the request without the firewall it's all ok, but with the firewall active I receive a 502. I've look in the syslog and it say:
Ok I have posted this before and still no luck. Any help would be great. Anyway I only deal with about 7 countries and like to block all others. So when I use either CC_Allow or CC_ALLOW_FILTER with these settings CA,CH,CN,DE,GB,TW,UM,US, the issue begins to arise in my main log. I'm getting some errors now and would like some help to get them resolved or a place to look and see how to get them...
The readme.txt file states:
To take advantage of kernel logging of iptables dropped connections you should
ensure that kernel logging daemon (klogd) is enabled. Typically, VPS servers
have this disabled and you should check /etc/init.d/syslog and make sure that
any klogd lines are not commented out. If you change the file, remember to
restart syslog.
I just installed a brand new DA server w/CentOS 6.5. There are no domains on this account yet the mainlog file is flooding with errors. I'm not sure why. I have no experience with CSF as previously I used APF & BFD.
Exactly where do you set the temporary ban duration? My temporary blocks are lasting only 60 seconds and I can't seem to find the place in the configuration to make it longer. I'm getting hit with excessive SMPTAUTH failures, and although my LF_SMTPAUTH setting is 5, the bans only last a minute and then the game continues...
I'm having a bit of an issue. I have setup a KVM VPS on my CentOS 6.5 which has routed networking.
I have a DNAT rule in csfpre file which as traffic comes in (PREROUTING), the external IP is changed to the local IP. As the traffic traverses the iptables chain, it seems to be dropped (not rejected) somewhere in the FILTER FORWARD table. This is not being logged in /var/log/messages.
Background:
I like the way that CSF warns (via email) about Excessive resource usage
I have learned to use the csf.pignore file to ingnore a process that I know is resource intensive.
For example, in csf.pignore I added cmd:spamd child and no longer get warnings about spam assasin running.
Problem:
Every night when my daily backups run I get many email alerts about...
Hello to everyone !
Is it possible to use CSF to allow access to a port only from a certain IPs ?
It seems to be a simple question - but I did not find an answer yet.
Let's say I have SMTP on 110 port.
I want to allow access only from external IP 68.192.172.14 and 85.5.39.156 (what means only these 2 IPs are allowed to send emails)
All other Ips must be blocked by default.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum