Dedicated Ip and CSF/LFD (firewall) relation

ougogo · Dec 18, 2013

Hi all !

I've a cPanel server with ip 1.1.1.1
I've give a dedicated Ip for one customer : 2.2.2.2

I want to know if it is possible for a user to be banned from 1.1.1.1 but he can continue to access 2.2.2.2 ?
And vice versa ?

Best regards,
Hugo

cPanelMichael · Dec 18, 2013

Hello

I have moved this thread to the "Security" forum on your behalf. Note that questions pertaining to specific firewall applications such as CSF will likely get more answers directly on the support forums of the application.

Thank you.

ougogo · Dec 18, 2013

Thanks.

You have certainly true.
But I think that CSF/LFD is used by a lot of cPanel users, so someone is already certainly asked the question.

Best regards,
Hugo

popeye · Dec 18, 2013

CSF support forums are a waste of time hardly anyone ever answers.

quizknows · Dec 18, 2013

Hugo,

I do not see a way to do this in the CSF documentation; I don't see a way to provide both source and destination IP to a rule, only one or the other. Consult the readme here:

http://configserver.com/free/csf/readme.txt

10. Advanced Allow/Deny Filters
###############################

In /etc/csf.allow and /etc/csf.deny you can add more complex port and ip
filters using the following format (you must specify a port AND an IP address):

tcp/udp|in/out|s/d=port|s/d=ip|u=uid

Broken down:

tcp/udp : EITHER tcp OR udp OR icmp protocol
in/out : EITHER incoming OR outgoing connections
s/d=port : EITHER source OR destination port number (or ICMP type)
(use a _ for a port range, e.g. 2000_3000)
s/d=ip : EITHER source OR destination IP address
u/g=UID : EITHER UID or GID of source packet, implies outgoing connections,
s/d=IP value is ignored

Note: ICMP filtering uses the "port" for s/d=port to set the ICMP type.
Whether you use s or d is not relevant as either simply uses the iptables
--icmp-type option. Use "iptables -p icmp -h" for a list of valid ICMP types.
Only one type per filter is supported

Examples:

# TCP connections inbound to port 3306 from IP 11.22.33.44
tcp|in|d=3306|s=11.22.33.44

# TCP connections outbound to port 22 on IP 11.22.33.44
tcp|out|d=22|d=11.22.33.44

Note| If omitted, the default protocol is set to "tcp", the default connection
direction is set to "in", so|

# TCP connections inbound to port 22 from IP 44.33.22.11
d=22|s=44.33.22.11

# TCP connections outbound to port 80 from UID 99
tcp|out|d=80||u=99

# ICMP connections inbound for type ping from 44.33.22.11
icmp|in|d=ping|s=44.33.22.11

# TCP connections inbound to port 22 from Dynamic DNS address
# ConfigServer Services (for use in csf.dyndns only)
tcp|in|d=22|s=www.configserver.com
Click to expand...

ougogo · Dec 18, 2013

Thanks !

That's what I thought ...

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

Dedicated Ip and CSF/LFD (firewall) relation

ougogo Well-Known Member

cPanelMichael Forums Analyst
Staff Member

ougogo Well-Known Member

popeye Well-Known Member

quizknows Well-Known Member

ougogo Well-Known Member

Document Root for dedicated ip address

Something has been switching my dedicated IPs to shared lately..

Dedicated IPv6 IP Only to domain

Dedicated server overloading because of mysql

Dedicated mailing IP per user account

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

Dedicated Ip and CSF/LFD (firewall) relation

ougogo Well-Known Member

cPanelMichael Forums Analyst Staff Member

ougogo Well-Known Member

popeye Well-Known Member

quizknows Well-Known Member

ougogo Well-Known Member

Document Root for dedicated ip address

Something has been switching my dedicated IPs to shared lately..

Dedicated IPv6 IP Only to domain

Dedicated server overloading because of mysql

Dedicated mailing IP per user account

Share This Page

cPanelMichael Forums Analyst
Staff Member