csf

New csf v2.87

Changes:

  • Fixed duplication of settings during generic configuration upgrade procedure
  • Only display version confirmation update message when running csf -u interactively (Thanks to Brian Coogan for the perl tip)
  • Fixed issue with temporary files not being truncated before being written to, which caused problems e.g. with global allow/deny files
  • Added new option CT_SKIP_TIME_WAIT to exclude TIME_WAIT state from connection tracking
  • Updated the csf webmin module to use the &ReadParse() routine to overcome problems when running through SSL (Thanks to Tim Ballantine for this tip)

New csf v2.85

Changes:

  • Fixed a problem with v2.84 which broke permanent IP blocking in lfd – it’s been a long week :-/

New csf v2.84

Changes:

  • Fixed problem with permanent LF blocks in lfd for individual application port blocks when set to permanent
  • Added new SYSLOG option to csf.conf to allow additional lfd logging to SYSLOG (requires perl module Sys::Syslog)
  • Added a minimum to LF_DSHIELD and LF_SPAMHAUS ip block lists refresh interval of 3600 to prevent getting yourself blocked!

N

New csf v2.82

Changes:

  • Fixed a documentation for LF_TRIGGER_PERM
  • Fixed issue where RT_[relay]_ALERT set to “0” was being ignored
  • Fixed condition from v2.80 which prevented SCRIPT_ALERT from working
  • If killproc.conf does not exist the Server Check now links to the Background Process Killer page instead of issuing a file missing error

New csf v2.81

Changes:

  • Added exe:/usr/local/cpanel/cpdavd to csf.pignore
  • Added option to disable refresh in WHM csf UI when viewing lfd.log
  • Removed debug code that prevented IP blocking — oops

New csf v2.80

Changes:

  • Added new lfd feature – Relay Tracking. This allows you to track email that is relayed through the server (cPanel only). It tracks general email sent into the server, email sent out after POP before SMTP and SMTP_AUTH authentication, local email sent from the server (e.g. web scripts). There are also options to send alerts and block IP addresses if the number of emails relayed per hour exceeds configured limits. The blocks can be either permanent or temporary. Currently blocking does not function for LOCALRELAY email.
  • Introduced a new blocking mechanism in lfd that allows a choice of permanent or temporary IP blocking. See csf.conf (LF_TRIGGER_PERM) for details on how to configure the various blocking options to use temporary instead of permanent blocks, e.g. for Login Failure blocking
  • Modified new installations to default to using seperate triggers for login failures, instead of the global LF_TRIGGER value

New csf v2.79

Changes:

  • Bug fixes
  • Added ACCEPT rule to 127.0.0.1:25 for the “cpanel” user if SMTP_BLOCK is enabled for the new cPanel Webmail configuration in v11
  • Added new configuration option DROP that allows you to choose the drop target for rejected packets (see csf.conf for more information)
  • Remove /etc/cron.d/csf_update on uninstall

New csf v2.77

Changes:

  • Closed vulnerability with temporary file checking
  • Tightened log file regex’s to prevent spoofed remote IP block attacks

New csf v2.76

Changes:

  • Improved file checking in Server Check script to prevent WHM failures

New csf v2.75

Changes:

  • Modified Server Check to only look at pure-ftpd settings if installed
  • Simplified throttling mechanism