Blocking connections without blocking e-mail

linux4me
Junior Member
Posts: 7
Joined: 03 Dec 2017, 17:56

Re: Blocking connections without blocking e-mail

Post by linux4me »

The way I suggest doing it is to use CC_DENY_PORTS instead of CC_DENY.

Put the list of countries you want to block all but email in the CC_DENY_PORTS field, then add the ports you want to block into the CC_DENY_PORTS_TCP and CC_DENY_PORTS_UDP fields. You may only want to block the access to your sites via HTTP and HTTPS (80,443) and to SSH (22) and FTP (20,21).

Save your changes, restart csf and lfd, and you're good to go.

If you have other countries you want to block entirely, you can list them in CC_DENY.

JasGot
Junior Member
Posts: 28
Joined: 10 Jan 2008, 17:16

Re: Blocking connections without blocking e-mail

Post by JasGot »

I would try this if it were reversed. I need to deny all. I can't list every port in that field.

Post Reply