cPanel

New csf v1.4

Some new features for the csf firewall:

  • Fixed error routine iptables flush command typo
  • Modified interface checking for non-english Linux distributions
  • Modified interface checking for IP addresses assigned to multiple interfaces by mistake (I’ve just seen this happen!)
  • Set FORWARD chain to ACCEPT on stopping firewall
  • Reorganised csf.pl code
  • Added advanced port+ip filtering within csf.allow and csf.deny with the format: tcp/udp:in/out:s/d=port:s/d=ip (see readme.txt for info)
  • Added link to readme.txt in WHM interface
  • Added iptables status (Running/Stopped) to WHM interface
  • Added Quick Allow and Quick Deny IP address options to WHM interface

Upgrade within WHM or read the upgrade.txt in the tarball.

New csf v1.33

The latest release of csf is now available for upgrade within WHM with the following changes:

  • Added blocking of SSL POP3 and IMAP ports to LT (993/995)
  • Added option to Restart csf+lfd within WHM interface when appropriate
  • Added buttons to WHM interface to remove APF or BFD if still installed
  • Removed csf nat and mangle chain actions

New csf v1.32

Another release which addresses:

Modified log line checking to deal with syslog compression. This is where syslog will add a line “last message repeated X times” if the next line it were to add is identical to the last. This could lead to login attempts being missed. But no more – lfd now checks for that line and repeats the processing of the previous log line X times to count all the login failures.

Upgrade via WHM or read upgrade.txt in the tarball.
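To show why the syslog compression handling in v1.32 matters, here is an added example (not lfd's code) that counts login failures per IP address with and without expanding the “last message repeated X times” marker. The log lines, the failure pattern and the threshold of 5 are constructed assumptions for illustration.

```python
import re
from collections import Counter

# Constructed sample log (documentation IP ranges); not taken from a real server.
SAMPLE_LOG = """\
Jun  1 10:00:01 host pop3d: LOGIN FAILED, user=alice, ip=[::ffff:203.0.113.5]
Jun  1 10:00:02 host last message repeated 4 times
Jun  1 10:00:09 host pop3d: LOGIN FAILED, user=bob, ip=[::ffff:198.51.100.7]
Jun  1 10:00:10 host sshd[311]: Accepted password for carol from 192.0.2.10
Jun  1 10:00:11 host last message repeated 2 times
"""

# Assumed failure pattern for this example; a real daemon needs one per service.
FAIL_RE = re.compile(r"LOGIN FAILED, user=\S+, ip=\[(?:::ffff:)?([0-9.]+)\]")
REPEAT_RE = re.compile(r"last message repeated (\d+) times")


def count_failures(log_text, expand_repeats=True):
    """Return a Counter of login failures per source IP address."""
    counts = Counter()
    previous_ip = None  # IP from the previous real log line, if it was a failure
    for line in log_text.splitlines():
        repeat = REPEAT_RE.search(line)
        if repeat:
            # Re-process the previous line X times, but only if it was a failure.
            if expand_repeats and previous_ip:
                counts[previous_ip] += int(repeat.group(1))
            continue  # the marker itself never becomes the "previous line"
        match = FAIL_RE.search(line)
        previous_ip = match.group(1) if match else None
        if previous_ip:
            counts[previous_ip] += 1
    return counts


def offenders(counts, threshold):
    """IP addresses whose failure count reaches the (assumed) threshold."""
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    for expand in (False, True):
        counts = count_failures(SAMPLE_LOG, expand_repeats=expand)
        print("expand_repeats=%s" % expand, dict(counts), offenders(counts, 5))
```

Without expansion the first address shows a single failure and stays under the threshold; with expansion it shows five. The repeat marker that follows the successful sshd login is ignored because the line it repeats was not a failure.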

New csf v1.3

Can’t keep a good programmer down ;)

Some nice new features and some speedups in this latest release:

  • Fixed a problem with the tick time in the alert report
  • Changed the way allow and deny IP addresses are inserted into iptables so that using the command line -a or -d doesn’t require a firewall restart
  • csf -l now shows iptables line numbers
  • Added login tracking (LT) options to keep track of POP3 and IMAP logins and limit them to X connections per hour per account per IP address. Uses iptables to block offenders to the appropriate protocol port only and flushes them every hour. All of these blocks are temporary and can be cleared by restarting csf

If you upgraded to v1.2 you should be able to upgrade now from within WHM, otherwise follow the upgrade.txt file in the tarball.

New csf v1.1

Thanks to popular demand, I’ve added a new feature to csf:

1.1

ConfigServer Firewall and Login Failure Daemon Beta

Well, it’s here in beta form. If you would like to try out our new firewall application then please drop me an email at sales@waytotheweb.com and I’ll send you the tarball.

We have done a lot of work making sure that the firewall won’t lock you out (it flushes the tables on error) when starting, including a crontab entry to flush iptables.

Note: You need to be running a RedHat or derivative OS. That is, RH9, RHE3/4, CentOS3/4, Fedora Core 1/2/3/4/5

ConfigServer Firewall and Login Failure Daemon

We’ve been working on developing our own iptables firewall, login failure daemon and WHM front-end. The idea is to provide a complete, straight-forward, easy to configure and maintain solution. There are, of course, other products available that can provide you with this functionality. However, in our experience over the years, we’ve found them lacking in some fundamental aspects. We’re trying to address those with our new development.

It’s likely to stay in beta-testing for some time (once we have that available) to ensure that it is as robust as possible.

For now, the product will be Linux only (possibly RH and derivatives only) and we are as yet undecided on the license we will distribute the product under and how that distribution is done. It will also be exclusively for cPanel servers, certainly initially.

We’re hoping to have this working on VPS servers, but it depends a lot on your VPS provider and their willingness/ability to provide the correct iptables modules in their kernels.

More details will follow in due course, including a call for brave beta-testers ;)

Visit the products page on our site here.

HTML Mail Bug in MailScanner v4.53.8

There’s a bug in the MailScanner code where, if you have it configured to scan HTML email for dangerous content, it actually strips out link text and images. To correct this, you can either:

  • wait until the next release from MailScanner
  • install the latest beta release by modifying msintall.pl to use the URL to the distribution on the www.mailscanner.info site
  • apply the following patch…

You need to replace the Message.pm file in /usr/mailscanner/lib/MailScanner/ :

cd /usr/mailscanner/lib/MailScanner/
wget http://www.configserver.com/free/Message.pm.gz
cp Message.pm Message.pm.prepatch
gunzip Message.pm.gz
chmod 755 Message.pm
service MailScanner restart