Saturday, April 6, 2013

Making the CSF temporary block permanent

Temporary to Permanent IP blocking. The following enables this feature to
# permanently block IP addresses that have been temporarily blocked more than
# LF_PERMBLOCK_COUNT times in the last LF_PERMBLOCK_INTERVAL seconds. Set
# LF_PERMBLOCK to "1" to enable this feature
#
# Care needs to be taken when setting LF_PERMBLOCK_INTERVAL as it needs to be
# at least LF_PERMBLOCK_COUNT multiplied by the longest temporary time setting
# (TTL) for blocked IPs, to be effective
#
# Set LF_PERMBLOCK to "0" to disable this feature
LF_PERMBLOCK =  Default: 1 [0-1]

LF_PERMBLOCK_INTERVAL =  Default: 86400 [3600-604800]

LF_PERMBLOCK_COUNT =  Default: 4 [1-20]

LF_PERMBLOCK_ALERT =  Default: 1 [0-1]

# Permanently block IPs by network class. The following enables this feature
# to permanently block classes of IP address where individual IP addresses
# within the same class LF_NETBLOCK_CLASS have already been blocked more than
# LF_NETBLOCK_COUNT times in the last LF_NETBLOCK_INTERVAL seconds. Set
# LF_NETBLOCK to "1" to enable this feature
#
# This can be an affective way of blocking DDOS attacks launched from within
# the same networ class
#
# Valid settings for LF_NETBLOCK_CLASS are "A", "B" and "C", care and
# consideration is required when blocking network classes A or B
#
# Set LF_NETBLOCK to "0" to disable this feature
LF_NETBLOCK =  Default: 0 [0-1]

LF_NETBLOCK_INTERVAL =  Default: 86400 [3600-604800]

LF_NETBLOCK_COUNT =  Default: 4 [1-20]

LF_NETBLOCK_CLASS =  Default: C [A or B or C]

LF_NETBLOCK_ALERT =  Default: 1 [0-1]

################################################################

No comments:

Post a Comment