General

New csf v2.94

Changes:

  • Fixed Linux line-endings in some configuration files from v2.93 – doesn’t affect existing installations

New csf v2.93

Changes:

  • Improved mod_security v2 regex for filter triggers
  • Added MySQL v5 check

MailTools v2.* breaks MailScanner

On servers running the Perl modules that are part of MailTools, MailScanner breaks with the recently released v2.*. The errors you will see when starting MailScanner look like this:

Variable "$FIELD_NAME" is not imported at /usr/mailscanner/lib/MailScanner/Message.pm line 6907.
Variable "$FIELD_NAME" is not imported at /usr/mailscanner/lib/MailScanner/Message.pm line 6910.
Global symbol "$FIELD_NAME" requires explicit package name at /usr/mailscanner/lib/MailScanner/Message.pm line 6907.
Global symbol "$FIELD_NAME" requires explicit package name at /usr/mailscanner/lib/MailScanner/Message.pm line 6910.
Compilation failed in require at /usr/mailscanner/bin/MailScanner line 79.
BEGIN failed--compilation aborted at /usr/mailscanner/bin/MailScanner line 79.

You can determine the module version using:

perl -MMail::Header -e 'print "$Mail::Header::VERSION\n"'

To fix this you need to downgrade MailTools to v1.77:

wget http://search.cpan.org/CPAN/authors/id/M/MA/MARKOV/MailTools-1.77.tar.gz
tar -xzf MailTools-1.77.tar.gz
cd MailTools-1.77
perl Makefile.PL
make
make install
cd ..
rm -Rfv MailTools-1.77*
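
The version check and downgrade steps above, combined into one guarded script. This is an added example, not part of the original post: the function names and the `--apply` switch are assumptions, while the commands themselves are the ones given above. It downgrades only when Mail::Header reports v2.* and re-checks the version afterwards.

```bash
#!/bin/bash
# Added example (not from the original post); function names are hypothetical.

# Print the installed Mail::Header version; prints nothing if the module is missing.
mailtools_version() {
    perl -MMail::Header -e 'print "$Mail::Header::VERSION\n"' 2>/dev/null
}

# Classify a version string: 0 = v2.* (the release that breaks MailScanner),
# 1 = any other numeric version (e.g. 1.77), 2 = empty or unparseable.
mailtools_affected() {
    major="${1%%.*}"
    case "$major" in
        ''|*[!0-9]*) return 2 ;;
        2) return 0 ;;
        *) return 1 ;;
    esac
}

# Run the downgrade steps in a scratch directory, stopping at the first failure.
downgrade_mailtools() {
    work=$(mktemp -d) || return 1
    (
        cd "$work" &&
        wget http://search.cpan.org/CPAN/authors/id/M/MA/MARKOV/MailTools-1.77.tar.gz &&
        tar -xzf MailTools-1.77.tar.gz &&
        cd MailTools-1.77 &&
        perl Makefile.PL && make && make install
    )
    rc=$?
    rm -Rf "$work"
    return "$rc"
}

# Check, downgrade if needed, then confirm the module no longer reports v2.*.
check_and_fix() {
    v=$(mailtools_version)
    rc=0; mailtools_affected "$v" || rc=$?
    case $rc in
        0) echo "Mail::Header $v is v2.*, downgrading to 1.77"
           downgrade_mailtools || { echo "downgrade failed" >&2; return 1; }
           v=$(mailtools_version)
           if mailtools_affected "$v"; then echo "still on $v" >&2; return 1; fi
           echo "Mail::Header is now $v" ;;
        1) echo "Mail::Header $v is not v2.*, nothing to do" ;;
        *) echo "Mail::Header missing or version unreadable" >&2; return 2 ;;
    esac
}

if [ "${1:-}" = "--apply" ]; then check_and_fix; fi
```

Run it with `--apply` as root; without the switch it only defines the functions.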

New csf v2.92

Changes:

  • Improved the cPanel version check for < v11 and whether up to date
  • Added new CLI option -t (--temp) which lists the temporary IP bans and the TTL before the IP is flushed from iptables
  • Added “View Temporary IP Bans” to WHM UI
  • Changed WHM UI lfd Log auto-refresh default to unchecked
  • Added regex for dovecot “Aborted login” messages in /var/log/maillog
  • Added support for displaying mod_security v2 logs in WHM UI

New csf v2.91

Changes:

  • Added Fedora Core v6 to the obsolete OS check
  • Added php v4 check
  • Added apache v2.2 check
  • Added Perl v5.8.8 check
  • Added cPanel v11 check
  • Modified Sys::Syslog use to utilise the ndelay and nofatal options
  • Added new option GLOBAL_IGNORE which makes lfd ignore IPs listed in a globally located ignore file
  • Modified Connection Tracking so that lfd doesn’t block IP addresses that resolve to *.cpanel.net (to prevent CT_LIMIT being triggered during a upcp upgrade of cPanel)
  • Added new option CT_STATES to Connection Tracking so that you can specify which connection states you want to count towards CT_LIMIT, e.g. SYN_RECV

New csf v2.90

Changes:

  • Ensured that Process Tracking doesn’t affect processes running under root
  • Added /usr/local/cpanel/bin/cpwrap to the csf.pignore file for new and existing installations
  • Added Apache v2 checks to Server Checks Report
  • Removed mod_evasive from Server Checks Report as it appears to be less relevant, especially with Apache v2

New csf v2.89

Changes:

  • Fixed the csf webmin module
  • Added updates to the webmin module
  • Completely removed use of cat in the WHM module and wget/cat from the webmin module

New csf v2.88

Changes:

  • Fixed typo in csf.conf for new installs LF_LOAD -> PT_LOAD
  • Modified the courier IMAP and POP3D regexes to include connections over SSL in lfd
  • Modified lfd to ignore cpdavd processes
  • Modified the cPanel regexes to include cPanel v11 variants in lfd

New csf v2.87

Changes:

  • Fixed duplication of settings during generic configuration upgrade procedure
  • Only display version confirmation update message when running csf -u interactively (Thanks to Brian Coogan for the perl tip)
  • Fixed issue with temporary files not being truncated before being written to, which caused problems e.g. with global allow/deny files
  • Added new option CT_SKIP_TIME_WAIT to exclude TIME_WAIT state from connection tracking
  • Updated the csf webmin module to use the &ReadParse() routine to overcome problems when running through SSL (Thanks to Tim Ballantine for this tip)