The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

csf / idf blocking IP but not putting it in deny file?

Discussion in 'General Discussion' started by jols, Nov 27, 2006.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Today, twice we found that someone's IP had been blocked in the firewall, but we could not find their IP in the /etc/csf/csf.deny file.

    Tried rebooting csf with

    service csf restart

    And even tried restarting iptables, then csf again, but this did not clear the issue.

    The issue was not cleared until I inserted the blocked IP in the csf allow file, and then restarted the firewall.

    Does anyone know what would cause this?

    And by the way, what is the grep command for iptables for checking just one IP to see if it has been banned?

    Thanks much for any response.
     
  2. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Stranger and stranger:

    We have an IP that is being blocked by the kernal but is not in the iptables firewall:

    Server message log:

    Nov 27 21:42:47 stratus kernel: Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=[server ip here] DST=208.244.116.59 LEN=38 TOS=0x00 PREC=0x00 TTL=1 ID=6263 PROTO=UDP SPT=48042 DPT=33435 LEN=18


    But:

    iptables -L -n | grep 208.244.116.59

    .. returns nothing.

    How could this have occurred?
     
Loading...

Share This Page