New csf v5.01

Changes:

  • Added a new 7th argument to BLOCK_REPORT that includes the log lines that triggered the block (excludes LF_NETBLOCK and LF_PERMBLOCK)
  • Added new CLI option csf –tempallow (csf -ta) which works in exactly the same way as csf –tempdeny (csf -td) except it provides a method of temporary IP allows for a given duration. csf -t, csf -tf and csf -tr now apply to both deny and allow entries
  • Allow the use of a duration suffix in csf -ta and csf -td for m, h and d (minutes, hours and days). Only one suffix allowed and only integers
  • Updated UI entry for adding and removing temporary allows and blocks
  • Display temporary block TTL in days hours minutes and seconds
  • Added new CLI option csf –watch [ip] (csf -w [ip]) and configuration option WATCH_MODE. This new option logs SYN packets from a specified source as they traverse the iptables chains. This can be extremely useful in tracking where that IP is being DROPed or ACCEPTed by iptables. See readme.txt for more information
  • Modified csf and lfd init scripts to be LSB-compliant
  • Modified BOGON/DSHIELD/SPAMHAUS block list retrieval to only download the list if it has not already been retrieved within the configured interval. This is to help prevent blacklisting by the list provider for repeated downloads after frequent lfd restarts
  • Fixed problem with csf -q and csf -sf not restarting the firewall if there was a previous startup error