ConfigServer Services Blog

Changes:

– Only log Log Scanner in lfd.log if DEBUG set to 2 to allow empty reports if monitoring lfd.log
– Added new option LF_BOGON_SKIP. If you don't want BOGON rules applied to specific NICs, then list them in a comma separated list
– Added new option LF_CONSOLE_EMAIL_ALERT which will send an email if there is a root login to the server console. This is enabled by default

Changes:

• New feature – Log Scanner. This feature will send out an email summary of the log lines of each log listed in /etc/csf/csf.logfiles. All lines will be reported unless they match a regular expression in /etc/csf/csf.logignore
• Set LWP::UserAgent agent to “csf/[version]” instead of the default

Changes:

• csf and lfd modified to better handle !lo interface for compatibility with newer iptables versions
• Removed use of Sys::Hostname::Long
• Added new options LF_APACHE_403 and LF_APACHE_403_PERM. This option will keep track of the number of “client denied by server configuration” errors in HTACCESS_LOG. If the number of hits is more than LF_APACHE_403 in LF_INTERVAL seconds then the IP address will be blocked. See csf.conf for more information