Server Software and Configuration Services
New csf v2.25
Fixes and Features:
- Modified lfd init procedure to use the init functions
- Modified behaviour of LF_TRIGGER. If LF_TRIGGER is set to “0” then lfd will instead trigger blocks based on the value of the application trigger, e.g. if LF_MODSEC is set to “3” then it will trigger on 3 mod_security alerts. Or if LF_POP3D is set to “10” then it will trigger on 10 pop3d login failures. When in this mode, i.e. with LF_TRIGGER set to “0”, login failures for different triggers are not cumulative, whereis LF_TRIGGER set to a number > “0” they are cumulative as before
- Modification to csf.conf to reflect the changes to LF_TRIGGER – only applied to new installations
- Rewrite of the iptables command invocation in lfd.pl to trap iptables errors and shutdown firewall if any found – should help prevent lockouts
- Allow advanced rules in Global Allow and Deny lists. Input and Output direction support included.
- Added Global Allow and Deny lists to the OUTPUT chain as well as the INPUT chain
- Added csf.signore where you can list scripts for LF_SCRIPT_ALERT to ignore. Updated WHM UI to allow easy file edits