CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent IP b
Hi there,
there is 1000 permanent IP bans in the csf.deny file
Edit csf.deny, the IP address deny file (Currently: 1000 permanent IP bans)
I want to release some ips from this file
what i want is release all Ips which starts contain 113.244.11.xxx
see example
113.244.11.xxx
113.244.12.xxx
113.244.22.xxx
113.244.33.xxx
113.244.64.xxx
113.244.67.xxx
there are more than 150 lines which start contains from 113.244
Last edited by crazyaboutlinux; 12-09-2010 at 05:05 AM. Reason: firewall spealing mistake
Re: CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent I
This seems to me a question better asked on the ConfigServer forums.
You might want to read the details on that setting, 1000 is a high number to use, IMO.
# Limit the number of IP's kept in the /etc/csf/csf.deny file. This can be
# important as a large number of IP addresses create a large number of iptables
# rules (4 times the number of IP's) which can cause problems on some systems
# where either the the number of iptables entries has been limited (esp VPS's)
# or where resources are limited. This can result in slow network performance,
# or, in the case of iptables entry limits, can prevent your server from
# booting as not all the required iptables chain settings will be correctly
# configured. The value set here is the maximum number of IPs/CIDRs allowed
# if the limit is reached, the entries will be rotated so that the oldest
# entries (i.e. the ones at the top) will be removed and the latest is added.
# The limit is only checked when using csf -d (which is what lfd also uses)
# Set to 0 to disable limiting
Re: CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent I
Hi Infopro
thanks for the suggestion already contacted ConfigServer forums but i have got a solution from WHT
I just used
sed -i '/113\.244\.../d' csf.deny
All lines were successfully removed from csf.deny file which IPs are starts from 113.224
this is the solutions which i wanted
Re: CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent I
Hello Nilesh,
Sed is such a powerful command ! Thanks for sharing it with us!
Re: CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent I
yeah sed is really most powerful command
Re: CSf Firewall: Edit csf.deny, the IP address deny file (Currently:1000 permanent I
Hey!
Yoo to SED !!
LinkBack URL
About LinkBacks
Reply With Quote