Portal Home > Knowledgebase > Articles Database > CSF Loaded With Thousands of IPs! Help with Firewall
CSF Loaded With Thousands of IPs! Help with Firewall
Posted by WWTSLarry, 08-24-2011, 11:20 PM |
When I attempt to restart my CSF Firewall either through the Web Gui or via csf -r ... there are THOUSANDS! of IP addresses that are set to 'Allowed' and I have restored a blank file into iptables and I have also checked the all of the CSF config files.
I want to know.. how all of these IPs are set to be 'allowed' and how I can block them all, IMMEDIATELY!
Here's a sample of what I'm getting:
ACCEPT all opt -- in * out * 3.0.0.0/8 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.0.0.0/12 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.16.0.0/16 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.0.0/17 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.128.0/22 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.132.0/23 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.134.0/24 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.135.0/27 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.135.64/26 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.135.128/25 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.136.0/22 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.140.0/23 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.142.0/24 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.143.16/28 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.143.32/27 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.143.64/26 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.143.128/25 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.144.0/20 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.160.0/19 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.17.192.0/18 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.18.0.0/19 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.18.32.0/26 -> 0.0.0.0/0
ACCEPT all opt -- in * out * 4.18.32.64/29 -> 0.0.0.0/0
Please help.... this is VERY urgent and have got to get these IPs out and get them all BLOCKED, ASAP!
Any assistance is appreciated.
|
Posted by Isaac Newton, 08-25-2011, 02:13 AM |
Is your /etc/csf/csf.allow file empty? Empty it and restart csf as the first step.
|
Posted by WWTSLarry, 08-25-2011, 02:14 PM |
Isaac,
Yes.. I checked that.. and nothing.. but MY IP in there. All the rest is empty.
|
Posted by brianoz, 08-25-2011, 06:26 PM |
Do you have a global allow URL set in csf.conf?
|
Add to Favourites Print this Article
Also Read
Cronjob issue (Views: 568)