Results 1 to 5 of 5
  1. #1

    Very Strange CSF issue

    When I type:

    csf -d 4.2.2.2

    I receive the following error:

    deny failed: [4.2.2.2] is one of this servers addresses!

    Ok, so I obviously dont own this popular address but CSF thinks that I do. I am running a basic VPS on openVZ. Where exactly does CSF pull the IP info? Is there a step that I missed in the configuration?

    Here is the output of ifconfig:
    root:~# ifconfig
    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:16436 Metric:1
    RX packets:261317 errors:0 dropped:0 overruns:0 frame:0
    TX packets:261317 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:192955196 (184.0 MiB) TX bytes:192955196 (184.0 MiB)

    venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    inet6 addr: 2607:f7a0:6:8::0000:349a/0 Scope:Global
    inet6 addr: 2607:f7a0:6:8::0000:f6b9/0 Scope:Global
    inet6 addr: 2607:f7a0:6:8::0000:30a9/0 Scope:Global
    inet6 addr: 2607:f7a0:6:8::0000:4cdf/0 Scope:Global
    inet6 addr: 2607:f7a0:6:8::0000:7456/0 Scope:Global
    UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
    RX packets:181821 errors:0 dropped:0 overruns:0 frame:0
    TX packets:161846 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:86765284 (82.7 MiB) TX bytes:81259420 (77.4 MiB)

    venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    inet addr:000.96.000.122 P-t-P:000.96.000.122 Bcast:0.0.0.0 Mask:255.255.255.255
    UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1

    The IP's have been masked. Ive configured CSF on dozens of servers and Ive never seen this. Any ideas?

  2. #2
    Join Date
    Jun 2011
    Posts
    383
    4.2.2.2 is google public dns and may located in /etc/resolv.conf block this ip may come with named dns problem, i think

  3. #3
    Join Date
    Jul 2004
    Location
    Scottsbluff, NE
    Posts
    1,965
    Quote Originally Posted by multiplecloud-zid View Post
    4.2.2.2 is google public dns and may located in /etc/resolv.conf block this ip may come with named dns problem, i think
    4.2.2.2 belongs to Level3, not Google.
    $this->hasFlavr() ? $nom->nom('nom') : $want->doNot()

  4. #4
    Join Date
    Sep 2011
    Posts
    987
    Quote Originally Posted by multiplecloud-zid View Post
    4.2.2.2 is google public dns and may located in /etc/resolv.conf block this ip may come with named dns problem, i think
    It's not google dns. does seem to be an open resolver though.


    C:\Users\Admin>nslookup webhostingtalk.com 4.2.2.2
    Server: vnsc-bak.sys.gtei.net
    Address: 4.2.2.2

    Non-authoritative answer:
    Name: webhostingtalk.com
    Address: 69.167.156.26

  5. #5
    For anyone wondering what the issue was it was due to the /0 cidr on my IP's. CSF stated they will update CSF soon to address the /0 issue but for now if you edit /etc/csf/csf.pl and comment out the following line (line 1892):

    eval {$ipscidr->add($1)};

    so it reads:

    # eval {$ipscidr->add($1)};

    it seems to work!

Similar Threads

  1. Strange cPanel CSF FTP Issue
    By jzmwebdevelopment in forum VPS Hosting
    Replies: 7
    Last Post: 08-30-2011, 10:41 AM
  2. Strange alerts from CSF - port scans?
    By server prodigy in forum Hosting Security and Technology
    Replies: 4
    Last Post: 05-27-2010, 11:21 AM
  3. csf issue
    By k-planethost in forum Hosting Security and Technology
    Replies: 9
    Last Post: 10-23-2009, 09:51 AM
  4. CSF issue ?
    By map007 in forum Hosting Security and Technology
    Replies: 10
    Last Post: 02-17-2009, 10:09 AM
  5. CSF Issue
    By Dylan K in forum Hosting Security and Technology
    Replies: 7
    Last Post: 08-15-2008, 02:07 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •