Implemented the use of cPanel routine Cpanel::Rlimit to remove process resource limit restrictions as the cPanel memory limitation setting was causing the Server Check to abort with memory allocations problems through WHM on some servers
Modified port checking for 23 and 53 in Server Check to no longer use the fuser binary and use the port mappings directly from /proc
Modified lfd and Server Check to check for IPv6 bound processes as the IPv4 and IPv6 connections are stored in a different file to IPv4 only bound processes
Modified lfd Login Failure tracking to use a per IP address rolling LF_INTERVAL window rather than a static one for all tracked IPs. This makes login failure counting more accurate and blocking more responsive
Added new feature – Block Reporting. lfd can run an external script when it performs and IP address block following for example a login failure. BLOCK_REPORT is to the full path of the external script. See readme.txt for format details
If csf is installed or upgraded via an SSH session the connecting IP address will now be automatically added to csf.allow (note: it is not added to csf.ignore so lfd may still block it). This IP can be removed after testing if desired
Modified the lfd.log format to the standard::: lfd[]: If you parse lfd.log you will need to update your scripts!
Fixed addition of exe:/usr/libexec/hald-addon-keyboard to csf.pignore for existing installations
Modified the calculation for the position of LOCALOUTPUT in the OUTPUT chain
Added /etc/cron.d/lfdcron.sh to restart lfd daily
Added exe:/usr/libexec/dovecot/imap and exe:/usr/libexec/dovecot/pop3 and exe:/usr/sbin/mysqld_safe to csf.pignore
Modified SCRIPT_ALERT regex to cope with exim log format changes in FC8+
As per RFC5322, adding port 587 to the default TCP_IN list of ports for new installations (i.e. it is now recommended for SMTP servers to offer port 587 access for MUA to MTA traffic rather than port 25 which is for MTA to MTA traffic)
Added informational text to Process Tracking email report if a process is running an executable that has been deleted
Added csf version to the daemon startup log line in lfd.log
Added /usr/libexec/hald-addon-keyboard to csf.pignore
Modified the static DNS port rules to always allow all OUTGOING (only) connections to/from port 53 udp/tcp. This should help the situation where some servers iptables block outgoing port 53 udp connections despite the port being open
Added new option DNS_STRICT which will remove all static DNS rules and allow access only through SPI. For stability reasons, it would be advisable to leave this option disabled (default)
