New csf v7.50

Changes:

  • Added new BETA options LF_IPSET, IPSET. Use ipset for CC_* and csf.blocklist bulk list matching. See csf.conf for more info
  • Added new UI option to view ports on the server that have a running process behind them listening for external connections
  • Added new CLI option (csf -p, csf –ports) to view ports on the server that have a running process behind them listening for external connections
  • Added new CLI option (csf –graphs) to Generate System Statistics html pages and images for a given graph type into a given directory. See ST_SYSTEM for requirements
  • If using DYNDNS and the FQDN has multiple A records then all IP addresses will now be allowed
  • IPv6 support added to DYNDNS. Requires the Perl module Socket6 from cpan.org to be installed
  • On DA servers, if LF_DIRECTADMIN is enabled, DIRECTADMIN_LOG_* will be scanned for login failures to Roundcube, SquirrelMail and phpMyAdmin if installed and logging enabled via CustomBuild v2+. Failures will contribute to the LF_DIRECTADMIN trigger level for that IP
  • On DA servers, FTPD_LOG now defaults to /var/log/messages on new installs
  • Added exe:/usr/libexec/dovecot/anvil to csf.pignore for new installs on DA
  • Added to UI count of entries in /etc/csf/csf.allow
  • Added blocklist.de to csf.blocklists for new installs, latest file copied to /etc/csf/csf.blocklists.new on existing installs
  • Started moving common functions to separate modules within csf
  • HTTP::Tiny upgraded to v0.050
  • Fixed csf stop/start routines on reboot for servers using systemd
  • Modified integrated UI to display die errors to browser
  • Modified X_ARF report to use a self-published schema: http://download.configserver.com/abuse_login-attack_0.2.json
  • Modified X_ARF to lowercase the Source-Type field
  • Modified X_ARF template to use the v0.2 “X-XARF: PLAIN” header field
  • Updated restricted UI items
  • Geo::IP upgraded to v1.45
  • Crypt::CBC upgraded to v2.33