Results 1 to 5 of 5

Thread: CSF not working

  1. #1
    Join Date
    Aug 2011
    Location
    In Spain
    Posts
    50

    CSF not working

    Even with CT_LIMIT set to 0, in the logfile I can see csf is blocking and unblocking IPs:
    Aug 29 16:46:00 xxx lfd[29717]: (CT) IP xxx.xxx.xx.xx (ES/Spain/................net) found to have 43 connections - *Blocked in csf* for 1800 secs [CT_LIMIT]
    After editing csf.conf, I restarted the firewall:
    csf -r

    I'm in an openVZ box. I've had to stop the CSF, now there are not more IPs blocked.

  2. #2
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    What isn't working exactly?
    UK Based Proactive Server Management.
    Zabbix Enterprise 24/7 Monitoring.

  3. #3
    Join Date
    Aug 2011
    Location
    In Spain
    Posts
    50
    if CT_LIMIT is set to 0, it should not block IPs by number of connections:
    ###############################################################################
    # SECTION:Connection Tracking
    ###############################################################################
    # Connection Tracking. This option enables tracking of all connections from IP
    # addresses to the server. If the total number of connections is greater than
    # this value then the offending IP address is blocked. This can be used to help
    # prevent some types of DOS attack.
    #
    # Care should be taken with this option. It's entirely possible that you will
    # see false-positives. Some protocols can be connection hungry, e.g. FTP, IMAPD
    # and HTTP so it could be quite easy to trigger, especially with a lot of
    # closed connections in TIME_WAIT. However, for a server that is prone to DOS
    # attacks this may be very useful. A reasonable setting for this option might
    # be around 300.
    #
    # To disable this feature, set this to 0

  4. #4
    Join Date
    Aug 2010
    Location
    /bin/bash
    Posts
    129
    Remember to restart csf and lfd after making any changes to csf.conf.

    csf -r
    service lfd restart
    When all else fails ... Read the documentation!!!


  5. #5
    Join Date
    Aug 2011
    Location
    In Spain
    Posts
    50
    service lfd restart
    that was the problem... thanks!

    now it's not blocking IPs, but now the problem is that CSF doesn't block any. I'm opening 4 test.pl scripts (the test.pl that comes with mod_evasive) and I allways see:
    HTTP/1.0 200 OK
    HTTP/1.0 200 OK
    HTTP/1.0 200 OK
    HTTP/1.0 200 OK

    more than 80 requests in a few seconds, no ban.

    CT_LIMIT = "100"
    CT_INTERVAL = "30"
    CT_EMAIL_ALERT = "1"

    What's the problem?

Similar Threads

  1. FTP stops working when csf is on
    By weeman007 in forum Hosting Security and Technology
    Replies: 1
    Last Post: 02-09-2010, 06:55 PM
  2. CSF SMTP_BlOCK not working
    By kselva in forum Hosting Security and Technology
    Replies: 3
    Last Post: 08-06-2009, 08:41 AM
  3. CSF+IPTables, have to Restart CSF after reboot.
    By Mike - MDDHosting in forum Hosting Security and Technology
    Replies: 6
    Last Post: 06-03-2008, 10:45 AM
  4. iptables not working with CSF
    By its_joy in forum Hosting Security and Technology
    Replies: 3
    Last Post: 02-07-2008, 05:55 PM
  5. How To Get CSF Working on CPanel (Willing To Pay)
    By SupportRep911 in forum Employment / Job Offers
    Replies: 2
    Last Post: 07-30-2007, 09:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •