IP in csf.deny does not work correctly

Post Reply
ArpO
Junior Member
Posts: 1
Joined: 25 Dec 2021, 20:41

IP in csf.deny does not work correctly

Post by ArpO »

Hello Forum,
I want to block an IP Adresse in the range of 91.241.72.0 to 91.241.72.254. Due to spam and multiple IP Adresse in that range.
So i added "91.241.72.0/24 #do not delete" to /etc/csf/csf.deny.
And yes i restarted the firewall.

Then i tried to ping 91.241.72.1 from my host... no ping.. Great I thought it works.
The next day I got spam from that IP range agian. WTF!

After some "investigation" I found out...
If I add 91.241.72.0/24 to csf.deny it will not block 91.241.72.1- 91.241.72.254 but only 91.241.72.1- 91.241.72.128.
91.241.72.129 I can ping myself again.

Why?
91.241.72.0/24 should mean the whole 1-255, right?
Why does it only work to .128?

edit:
Forget to tell you the System, it's a Debian 10 64-Bit with running Virtualmin 6.17.gpl-3.
Even more interesting, on an other server, with the very same installation (Debian 10 64-Bit and Virtualmin 6.17) it works.
Post Reply