Chirpy

Changes: Fixed log file error if DShield or Spamhaus block list retrieval fails Added perl regex matching in csf.fignore (see updated readme.txt)

This should stabalise the LF_DIRWATCH feature now: Fixed a looping issue with the temporary Connection Tracking block code Added a 10 second timeout for the LF_DIRWATCH child to prevent looping

Some bugfixes and changes to LF_DIRWATCH: In LF_DIRWATCH, allow wildcard matching at the end of a file name in csf.fignore, such that /tmp/clamav* will ignore any files starting with /tmp/clamav, e.g. /tmp/clamav-1234 Added a throttle to LF_DIRWATCH – if more…

Brand new feature: New feature: Directory Watching. LF_DIRWATCH enables lfd to check /tmp and /dev/shm and other pertinent directories for suspicious files, i.e. script exploits. These can optionally be moved into a tarball Directory Watching false-positives can be listed in…

New version with a nice new feature for those with multiple NICs: Modified code to allow for multiple ethernet NICs so that all rules are applied to all NICs, for example, if you have IP’s spread over eth0 and eth1.…

New changes for v1.97: Tightened DNS port 53 connections in accordance with: Moved no log dropping to the end of the chains Moved allowed IP’s to before Block Lists Be aware of the upgrade issues in v1.93 and v1.94:

1.95

New version with some changes and bugfixes: Fixed problem where external resolvers were being used and responses from them were being dropped because they were coming back on ephemeral ports – added a scan of and external nameservers now…