General

New csf v4.25

Changes:

  • Fixed bug in csf –grep when CIDRs used in advanced port filters
  • Fixed problems with aborted Server Check Report
  • Fixed position of the lo device rule in the OUTPUT chain which broke SMTP_BLOCK
  • Added new option SMTP_PORTS which is used by SMTP_BLOCK to block all listed ports (not just port 25). This is populated on installation or when TESTING = 1 if an additional port is listed in “WHM > Service Manager > exim on another port”. Otherwise, SMTP_PORTS needs to be updated manually. The default setting contains port 25
  • SMTP_BLOCKs will now log if DROP_IP_LOGGING is enabled

New csf v4.24

Changes:

  • Added workaround for issue with WHM image display in the addon header for cPanel v11.24
  • *Added cPanel v11.24 FTP Anonymous Upload checks in Server Report
  • *Added cPanel v11.24 FTP Cipher Suite checks in Server Report
  • *Added cPanel v11.24 Apache Cipher Suite checks in Server Report
  • *Added cPanel v11.24 Exim Cipher Suite checks in Server Report
  • Added Fedora v8 to the obsolete OS list now that v10 is out
  • Updated dovecot regex in regex.pm for v1.1.6 used by cPanel

* Will only display if cPanel version is >= 11.24

New csf v4.23

Changes:

  • Added skip to connection and process tracking for empty tcp6 connection data
  • Fixed PT_LOAD email output of ps and vmstat

New csf v4.22

Changes:

  • Additional fixes for an issue on VPS servers where temporary block removal from csf.tempban failed

New csf v4.21

Changes:

  • Fixed an issue on VPS servers where temporary block removal from csf.tempban failed

New csf v4.20

Changes:

  • Modified csf.tempban processing code in lfd to perform more stringent file locking to preserve temporary bans if lfd is writing during shutdown
  • Modified Port Scan tracking of IP’s to not attempt multiple blocks on the same IP address in the same log line processing batch
  • Fixed broken timestamp in lfd.log for dates < 10th of the month
  • Various code modifications to improve performance and stability

New csf v4.19

Anyone running v4.18 of csf should upgrade ASAP to v4.19 as the deadlock situation could lead to lfd hangingChanges:

  • Reverted the tied file changes as they were causing a deadlock situation locking csf.tempban
  • Improved the process tracking detection of deleted executables of running processes

New csf v4.18

Changes:

  • Modified temporary IP address storage to use a tied file to preserve temporary bans if lfd is writing during shutdown

New csf v4.17

Changes:

  • Replaced the use of backticks in csf, lfd and the WHM UI with calls to IPC::Open3
  • Various lfd and csf code improvements and tidy up
  • Ensure lfd parent dies cleanly on error
  • Debug information improved and timer modified to use Time::HiRes for more accuracy

csf on Ubuntu and Mandriva

We have confirmed that generic csf works on:Ubuntu v8.10Mandriva 2009Adding these two to the supported OS list.