csf.ignore... ignored
Posted: 21 Oct 2020, 20:35
Hi there
We have a server with
CT_SUBNET_LIMIT= "350"
However, we do not want this to affect a particular subnet, e.g. 192.168.1.0/24.
Immediately, as expected, 192.168.1.0/24 triggers
csf -t
A/D IP address Port Dir Time To Live Comment
DENY 192.168.1.0/24 * inout 29m 54s lfd - (CT) subnet 192.168.1.0/24 found to have 1405 connections
despite
cat /etc/csf/csf.ignore
###############################################################################
# Copyright 2006-2018, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following IP addresses will be ignored by all lfd checks
# One IP address per line
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24)
# Only list IP addresses, not domain names (they will be ignored)
#
127.0.0.1
192.168.1.0/24
Why is csf.ignore being ignored?
We have even tried adding
tcp|in|d=443|s=192.168.1.0/24
tcp|out|d=443|s=192.168.1.0/24
and
tcp|in|d=443|s=192.168.1.123
tcp|out|d=443|s=192.168.1.123
to csf.allow
and the connections are still blocked
However, individual IPs
csf -a 192.168.1.123
do work as expected.
We have tried
IGNORE_ALLOW = "1"
but this did not help.
What am I missing?
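When a csf.ignore or csf.allow entry seems to be skipped, the first thing to rule out is a parsing or scoping mistake in the file itself: a comment character on the wrong line, a hostname where only IPs are accepted, or an advanced csf.allow rule that is narrower than the traffic being blocked. The script below is an added diagnostic, not part of the original post or of csf: it reads csf.ignore-style and csf.allow-style text, reports which networks were actually parsed, and answers "is this address or subnet covered by an entry?" using the CIDR semantics csf documents in the file header. The two sample files are constructed copies of the lines quoted in the post (plus one deliberately invalid hostname line); the function names are my own.

```python
import ipaddress
from typing import Dict, List

# Constructed copy of the csf.ignore contents quoted in the post, with one
# extra hostname line to show that non-IP entries are dropped, as csf says.
CSF_IGNORE_SAMPLE = """\
# The following IP addresses will be ignored by all lfd checks
# One IP address per line
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24)
# Only list IP addresses, not domain names (they will be ignored)
#
127.0.0.1
192.168.1.0/24
ignored-hostname.invalid
"""

# Constructed copy of the csf.allow advanced-syntax lines the post tried.
CSF_ALLOW_SAMPLE = """\
tcp|in|d=443|s=192.168.1.0/24
tcp|out|d=443|s=192.168.1.0/24
tcp|in|d=443|s=192.168.1.123
tcp|out|d=443|s=192.168.1.123
"""


def parse_ignore(text: str) -> List[ipaddress.IPv4Network]:
    """Return the networks listed in csf.ignore-style text.

    Comment and blank lines are skipped. A bare address becomes a /32
    (or /128) network so a single membership test covers both forms.
    Lines that are not an IP or CIDR are reported and dropped.
    """
    nets = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # strip trailing comments too
        if not line:
            continue
        try:
            nets.append(ipaddress.ip_network(line, strict=False))
        except ValueError:
            print(f"skipping non-IP entry: {line!r}")
    return nets


def is_covered(target: str, nets: List[ipaddress.IPv4Network]) -> bool:
    """True if target (an address or a CIDR) lies entirely inside a listed network."""
    tnet = ipaddress.ip_network(target, strict=False)
    # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
    return any(tnet.version == n.version and tnet.subnet_of(n) for n in nets)


def parse_allow_line(line: str) -> Dict[str, object]:
    """Parse one csf.allow line: a plain IP/CIDR, or proto|dir|d=port|s=source."""
    line = line.strip()
    if "|" not in line:
        return {"source": ipaddress.ip_network(line, strict=False)}
    fields = line.split("|")
    entry: Dict[str, object] = {"proto": fields[0], "direction": fields[1]}
    for field in fields[2:]:
        key, _, value = field.partition("=")
        if key == "d":
            entry["dport"] = value
        elif key == "s":
            entry["source"] = ipaddress.ip_network(value, strict=False)
    return entry


def matching_allow_entries(text: str, ip: str, proto: str,
                           direction: str, dport: str) -> List[str]:
    """Return the csf.allow lines whose scope covers one concrete flow.

    A plain IP/CIDR line has no proto/direction/port restriction, so it
    matches any flow from that source; an advanced line must match every
    field it specifies.
    """
    addr = ipaddress.ip_address(ip)
    hits = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        entry = parse_allow_line(raw)
        if addr not in entry["source"]:
            continue
        if entry.get("proto", proto) != proto:
            continue
        if entry.get("direction", direction) != direction:
            continue
        if entry.get("dport", dport) != dport:
            continue
        hits.append(raw.strip())
    return hits


if __name__ == "__main__":
    nets = parse_ignore(CSF_IGNORE_SAMPLE)
    print("parsed ignore networks:", [str(n) for n in nets])
    for target in ("192.168.1.123", "192.168.1.0/24", "192.168.2.5"):
        print(f"{target:16} covered by csf.ignore: {is_covered(target, nets)}")
    flow = ("192.168.1.123", "tcp", "in", "443")
    print("csf.allow lines covering", flow, "->",
          matching_allow_entries(CSF_ALLOW_SAMPLE, *flow))
    print("csf.allow lines covering port 80 ->",
          matching_allow_entries(CSF_ALLOW_SAMPLE, "192.168.1.123", "tcp", "in", "80"))
```

Run against the real files (`parse_ignore(open("/etc/csf/csf.ignore").read())`) to confirm the subnet really is parsed as a /24 and that the host in question falls inside it. The csf.allow check also makes one scoping point visible: the `d=443` entries cover only port-443 flows, whereas the temporary deny shown in `csf -t` output is for port `*` and direction `inout`, so a port-limited allow rule is narrower than the block it is meant to override.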