cPanel

Changes:

• Additional Feature: Added support for listing ASNs in all Country Code (CC_*) options
• Fixed GLOBAL_ALLOW and GLOBAL_DENY when LF_IPSET is enabled
• Fixed GLOBAL_DYNDNS when LF_IPSET and LF_IPV6 are enabled
• IPSET binary location set to /sbin/ipset for Debian/Ubuntu new installs
• Additional regex included for vsftp login failures

Changes:

• Fixed issue on non-RedHat OS installations that failed due to problems whitelisting the installers IP address

Changes:

• Fixed issues with new non-RedHat OS installations by reasserting perl module check to the start of the installation process but removing included modules from checks
• Ports 2079 and 2080 added to TCP_IN for new cPanel installs to allow CalDAV/CardDAV access

Changes:

• Check /sys/module/ipt_recent/parameters/ip_pkt_list_tot or /sys/module/xt_recent/parameters/ip_pkt_list_tot if defined to allow higher settings for PORTFLOOD than the default of 20 if configured
• Added LimitNOFILE to lfd.service on servers using systemd to allow for large numbers of open files
• Cater for full stops (.) in ethernet device names
• Moved Perl module checks until after csf installation has completed so that all included modules exist in /usr/local/csf/lib/

Changes:

• Fixed csf.sips modification via UI on Redhat/CentOS v7.1
• Raised csf.blocklist names from 9 to 25 characters long. This cannot be greater due to limits on ipset names on some OS’s and the use of prepended names for new ipset list swapping
• Added output from netstat for PT_LOAD to loadalert.txt for new installs. For existing installs, latest file copied to /usr/local/csf/tpl/loadalert.txt.new