Portal Home > Knowledgebase > Articles Database > CSF Loaded With Thousands of IPs! Help with Firewall


CSF Loaded With Thousands of IPs! Help with Firewall




Posted by WWTSLarry, 08-24-2011, 11:20 PM
When I attempt to restart my CSF Firewall either through the Web Gui or via csf -r ... there are THOUSANDS! of IP addresses that are set to 'Allowed' and I have restored a blank file into iptables and I have also checked the all of the CSF config files. I want to know.. how all of these IPs are set to be 'allowed' and how I can block them all, IMMEDIATELY! Here's a sample of what I'm getting: ACCEPT all opt -- in * out * 3.0.0.0/8 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.0.0.0/12 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.16.0.0/16 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.0.0/17 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.128.0/22 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.132.0/23 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.134.0/24 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.135.0/27 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.135.64/26 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.135.128/25 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.136.0/22 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.140.0/23 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.142.0/24 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.143.16/28 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.143.32/27 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.143.64/26 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.143.128/25 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.144.0/20 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.160.0/19 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.17.192.0/18 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.18.0.0/19 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.18.32.0/26 -> 0.0.0.0/0 ACCEPT all opt -- in * out * 4.18.32.64/29 -> 0.0.0.0/0 Please help.... this is VERY urgent and have got to get these IPs out and get them all BLOCKED, ASAP! Any assistance is appreciated.

Posted by Isaac Newton, 08-25-2011, 02:13 AM
Is your /etc/csf/csf.allow file empty? Empty it and restart csf as the first step.

Posted by WWTSLarry, 08-25-2011, 02:14 PM
Isaac, Yes.. I checked that.. and nothing.. but MY IP in there. All the rest is empty.

Posted by brianoz, 08-25-2011, 06:26 PM
Do you have a global allow URL set in csf.conf?



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
iptables questions (Views: 307)