CC_ALLOW_FILTER
Posted: 14 Jan 2020, 20:19
CC_ALLOW_FILTER not working as described.
# An alternative to CC_ALLOW is to only allow access from the following
# countries but still filter based on the port and packets rules. All other
# connections are dropped
OS: CentOS Linux release 7.7
CSF Version: csf: v14.00 (cPanel)
Settings in csf.conf
FASTSTART = "0"
LF_IPSET = "1"
CC_ALLOW_FILTER = "US"
Maxmind license activated as well
Traffic from other countries is was still logged accessing the server.
I was only able to block traffic from other countries by setting the following
TCP_IN = ""
UDP_IN = ""
CC_ALLOW_PORTS = "US"
CC_ALLOW_PORTS_TCP ="53,80,443"
CC_ALLOW_PORTS_UDP = "53"
According to CC_ALLOW_FILTER's description this shouldn't be necessary as it should be blocking all traffic from other countries than those configured.
# An alternative to CC_ALLOW is to only allow access from the following
# countries but still filter based on the port and packets rules. All other
# connections are dropped
OS: CentOS Linux release 7.7
CSF Version: csf: v14.00 (cPanel)
Settings in csf.conf
FASTSTART = "0"
LF_IPSET = "1"
CC_ALLOW_FILTER = "US"
Maxmind license activated as well
Traffic from other countries is was still logged accessing the server.
I was only able to block traffic from other countries by setting the following
TCP_IN = ""
UDP_IN = ""
CC_ALLOW_PORTS = "US"
CC_ALLOW_PORTS_TCP ="53,80,443"
CC_ALLOW_PORTS_UDP = "53"
According to CC_ALLOW_FILTER's description this shouldn't be necessary as it should be blocking all traffic from other countries than those configured.