General

Changes:

• Always report UID:GID of a DIRWATCH file incase the user account owning a reported file no longer exists
• Report error gracefully on CIDR->add failures and continue
• Added “query (cache)” check to BIND flooding regex
• Fix issue with killing Advanced Port blocks using the pipe separator
• Update warning messages to include xt_owner with ipt_owner
• Replace URL in Server Check for instructions on disabling IPv6
• Fixed a bug in LF_CPANEL_ALERT ip address tracking
• Added new option LF_CPANEL_ALERT_USERS to be used with LF_CPANEL_ALERT to alert for a specified list of WHM/cPanel account logins. See csf.conf for more information
• Added new feature: Port Knocking. See csf.conf and readme.txt for more information on the PORTKNOCKING, PORTKNOCKING_LOG and PORTKNOCKING_ALERT options
• Added new UI option: Quick Ignore, for IP addresses

Changes:

• Added Server Check report check that klogd is running if using syslogd or that klog module is loaded if running rsyslogd
• Added Server Check report, checks for apache settings: TraceEnable, ServerSignature, ServerTokens and FileETag on cPanel servers
• Fixed ip6tables IPV6_SPI check warning for older kernels
• Added instruction to open outgoing TCP6 and UDP6 ports when using an older kernel for ip6tables
• IPv6 Final (no longer Beta)
• Added new option LT_SKIPPERMBLOCK. If LF_PERMBLOCK is enabled but you do not want this to apply to LT_POP3D/LT_IMAPD, then enable this option
• Added new option PT_USER_ACTION. If a PT_* event is triggered, then PT_USER_ACTION will be run in a child process and passed the PID(s) of the process(es)