Currently connection tracking blocks all ports even if you have CT_PORTS defined.
Similar to LF_SELECT, it would be great to have an option to only block defined CT_PORTS.
Thank you.
Search found 10 matches
- 02 Apr 2024, 15:28
- Forum: Suggestions (csf)
- Topic: Connection Tracking option to block only CT_PORTS
- Replies: 0
- Views: 3410
- 28 Mar 2024, 19:13
- Forum: Suggestions (csf)
- Topic: csf -t shows duplicate entries but ports are already aggregated
- Replies: 0
- Views: 5506
csf -t shows duplicate entries but ports are already aggregated
I have CSF setup to only block IP access to service ports for which a block occurs. When running csf -t, I see an entry for each service port that has been blocked, however, the port column shows an aggregate of the ports being blocked. For instance: [~] csf -g xxx.68.22.155 Table Chain num pkts byt...
- 22 Sep 2023, 16:22
- Forum: General Discussion (csf)
- Topic: MaxMind to require HTTPS March 2024
- Replies: 2
- Views: 1419
Re: MaxMind to require HTTPS March 2024
Thank you
- 22 Sep 2023, 16:07
- Forum: General Discussion (csf)
- Topic: MaxMind to require HTTPS March 2024
- Replies: 2
- Views: 1419
MaxMind to require HTTPS March 2024
Advisement from MaxMind sent out today: MaxMind will begin requiring HTTPS for GeoIP download requests in March 2024. To help customers get ready for this change, we will have a planned, temporary enforcement of this policy on October 17, 2023. Could the devs kindly advise if CSF is interacting with...
- 18 Nov 2020, 16:51
- Forum: General Discussion (csf)
- Topic: CSF blocks ip with 2 login failure in wordpress
- Replies: 1
- Views: 1788
Re: CSF blocks ip with 2 login failure in wordpress
Are you using the "BFLP plugin" inside Wordpress? I believe that is what is managing this section in your .htaccess.
You should be able to manage the number of failed attempts required within the plugin settings.
You should be able to manage the number of failed attempts required within the plugin settings.
- 16 Nov 2020, 14:13
- Forum: Report Bugs (csf)
- Topic: CSF Messenger PHP deprecation warnings
- Replies: 2
- Views: 11654
CSF Messenger PHP deprecation warnings
For CSF messenger, the index.php file that handles unblocking, uses curly braces for array indexes/offsets and throws: Array and string offset access syntax with curly braces is deprecated. For example: $lang{"warning"}; Should be $lang["warning"]; -PHP: PHP 7.4.12 -OS: CentOS Li...
- 21 Oct 2020, 18:45
- Forum: Suggestions (csf)
- Topic: LFD isn't blocking dovecot login failures
- Replies: 1
- Views: 8574
Re: LFD isn't blocking dovecot login failures
You want:
...based on CentOS 7 w/cPanel
Code: Select all
SMTPAUTH_LOG = "/var/log/exim_mainlog"
SMTPRELAY_LOG = "/var/log/exim_mainlog"
SCRIPT_LOG = "/var/log/exim_mainlog"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
- 19 Oct 2020, 16:42
- Forum: Suggestions (csf)
- Topic: LF_TEMPBLOCK_ALERT option
- Replies: 6
- Views: 8439
Re: LF_TEMPBLOCK_ALERT option
This would be very easy to implement:
In csf.conf create a new option:
Then in lfd.pl alter the conditional on line 2520 to:
In csf.conf create a new option:
Code: Select all
LF_TEMP_EMAIL_ALERT = "1"
Code: Select all
if ($config{LF_EMAIL_ALERT} && ($perm || (!$perm && $config{LF_TEMP_EMAIL_ALERT})))
- 11 Jul 2019, 21:39
- Forum: Suggestions (csf)
- Topic: LF_TEMPBLOCK_ALERT option
- Replies: 6
- Views: 8439
Re: LF_TEMPBLOCK_ALERT option
Got my vote, this would be very useful to keep the "noise" down.
- 18 Jun 2019, 17:54
- Forum: General Discussion (csf)
- Topic: Block direct email delivery
- Replies: 1
- Views: 2518
Re: Block direct email delivery
Block port 25 in csf.conf and then in csf.allow:
tcp|in|d=25|s=change-to-mx-guard-ip
...add as many lines as you have IP's to trust then reload CSF:
csf -r
HTH
tcp|in|d=25|s=change-to-mx-guard-ip
...add as many lines as you have IP's to trust then reload CSF:
csf -r
HTH