csf

Changes:

• Modified Port Scan Tracking to ignore blocked IP addresses incase DROP_IP_LOGGING is enabled

Changes:

• Added Apache Server Status report to PT_LOAD for load average report monitoring. To benefit from this feature you will need to rename the new report file /etc/csf/loadalert.txt.new to loadalert.txt. The reports (ps, vmstat and apache) are now included as MIME attachments in the email report instead of inline text
• New feature: Port Scan Tracking. This feature tracks port blocks logged by iptables to syslog. It can help block hackers attempting to scan the server for open ports, or to block them while trying to access blocked standard ports, e.g. SSH. See csf.conf for more information
• Upgraded the urlget module

Changes:

• Added perl regex checking to csf.pignore with the new options puser, pexe and pcmd. Text added to csf.pignore for new installations:

# Or, perl regular expression matching (regex):## pexe:/full/path/to/file as a perl regex[*]# puser:username as a perl regex[*]# pcmd:command line as a perl regex[*]## [*]You must remember to escape characters correctly when using regex’s, e.g.:# pexe:/home/.*/public_html/cgi-bin/script\.cgi# puser:bob\d.*# pcmd:/home/.*/command\s\to\smatch\s\.pl\s.*

Changes:

• Added two new options ICMP_IN_RATE and ICMP_OUT_RATE which allow you to set the incoming and outgoing ICMP rate limits independently, or to disable rate limiting in either direction completely for ICMP packets

Changes:

• Modified LF_DIRWATCH_FILE to use the output from “ls -lAR” instead of
  

Changes:

• Modified the text comments at the top of csf.allow for new installs:# Note: IP addressess listed in this file will NOT be ignored by lfd, so they# can still be blocked. If you do not want lfd to block an IP address you must# add it to csf.ignore
• Removed RELAYHOSTS check from Server Check report
• Don’t show SMTP_BLOCK check if on a VPS in Server Check report
• PT_USERKILL, if set, will now also kill user processes that exceed PT_USERPROC
• Fixed problem where csf.tempusers was not being cleared down on an lfd restart
• Added two new csf command line options to flush IP’s from the temporary ban list: -tr -tf (see csf -h for more information)

We are always extremely grateful for any donation that we receive for our efforts in bringing you our free scripts. After repeated requests, we’ve added Subscription Payments along with our single donations button for those that prefer this method. An example is on the csf page.Thanks again to anyone who donates, no matter the amount, as it does help us spend time on the free projects.,

Changes:

• Tightened DNS port configuration restrictions as the old rules were being catered for by iptables connection
• Added Kerio Mailserver POP3/IMAP regex’s