CSF csf.allow still denied

Post Reply
growers
Junior Member
Posts: 3
Joined: 26 May 2020, 01:58

CSF csf.allow still denied

Post by growers »

Hello

Is there a way a bulk IP POP3 or imap will IP's will be allowed? I tried IP like this (for example only)
123.45.0.0/24 # csf.allow

then I saw some IP IN csf.deny
123.45.111.222 # lfd: (pop3d) Failed POP3 login from 123.45.111.222
  • can somebody explain to me why is this happening?
  • how can I make this work?
  • May I know if my bulk IP allow is correct declared?
growers
Junior Member
Posts: 3
Joined: 26 May 2020, 01:58

Re: CSF csf.allow still denied

Post by growers »

Just explaining that the IP is dynamic and usually the 2 segment only changes. I don't want to put a static IP in this regard.
123.45.111.222
geekytone
Junior Member
Posts: 23
Joined: 04 Aug 2020, 13:58

Re: CSF csf.allow still denied

Post by geekytone »

Good morning,

As far as I know, csf.allow only handles firewall rules, not bruteforcing rules. If you wish to whitelist 123.45.0.0/24 from LFD (which handles the bruteforce login monitoring), I suggest you to add the IP address into csf.ignore.

Also, don't forget to restart CSF & LFD :

Code: Select all

csf -r
systemctl restart lfd
Sergio
Junior Member
Posts: 1685
Joined: 12 Dec 2006, 14:56

Re: CSF csf.allow still denied

Post by Sergio »

growers wrote: 21 Dec 2020, 02:12 Hello

Is there a way a bulk IP POP3 or imap will IP's will be allowed? I tried IP like this (for example only)
123.45.0.0/24 # csf.allow

then I saw some IP IN csf.deny
123.45.111.222 # lfd: (pop3d) Failed POP3 login from 123.45.111.222
  • can somebody explain to me why is this happening?
  • how can I make this work?
  • May I know if my bulk IP allow is correct declared?
I think you have to know what the 0/24 is for as you are not using accordingly.
0/24 means that only the last octet on the IP will go from 0-255, so the only IPs that 0/24 will handle are:
123.45.0.0/24
123.45.0.0 - 123.45.0.255

That being said, the IP 123.45.111.222 will never enter into the rule that you set.

I think you should set:
123.45.111.0/24
and that will take all the IPs from 123.45.111.0 to 123.45.111.255
Post Reply