how: /usr/sbin/csf -g 'fragment of IP', no´t IP complet ??

000

Well-Known Member
Jun 3, 2008
277
12
68
Hello.

I need know if CSF block IPs containing "32"
also starting with: "132"
...

is possible ?

With

/usr/sbin/csf -g 132.232.97.47

I can get only THIS IP

But is possible find BY FRAGMENTS ?
( how )

Thanks
 

000

Well-Known Member
Jun 3, 2008
277
12
68
Yes, why not just give it a try? ;)

csf -g 132.
Thanks, you can see result in my CentOs 7 + cPanel:
Code:
[[email protected] ~]# /usr/sbin/csf -g 94.191.94.148

Table  Chain            num   pkts bytes target     prot opt in     out     source               destination

filter DENYIN           4       92  5520 DROP       all  --  !lo    *       94.191.94.148        0.0.0.0/0

filter DENYOUT          4        0     0 LOGDROPOUT  all  --  *      !lo     0.0.0.0/0            94.191.94.148


ip6tables:

Table  Chain            num   pkts bytes target     prot opt in     out     source               destination
No matches found for 94.191.94.148 in ip6tables

csf.deny: 94.191.94.148 # lfd: (sshd) Failed SSH login from 94.191.94.148 (CN/China/-): 5 in the last 3600 secs - Sun Sep 29 18:28:32 2019
[[email protected] ~]#
and now only FRAGMENT of IP:
Code:
[[email protected] ~]# /usr/sbin/csf -g 91*

Table  Chain            num   pkts bytes target     prot opt in     out     source               destination
No matches found for 91* in iptables


ip6tables:

Table  Chain            num   pkts bytes target     prot opt in     out     source               destination
No matches found for 91* in ip6tables
[[email protected] ~]#