Pages

Showing posts with label FIREWALL. Show all posts
Showing posts with label FIREWALL. Show all posts

Saturday, April 6, 2013

Making the CSF temporary block permanent

Temporary to Permanent IP blocking. The following enables this feature to
# permanently block IP addresses that have been temporarily blocked more than
# LF_PERMBLOCK_COUNT times in the last LF_PERMBLOCK_INTERVAL seconds. Set
# LF_PERMBLOCK to "1" to enable this feature
#
# Care needs to be taken when setting LF_PERMBLOCK_INTERVAL as it needs to be
# at least LF_PERMBLOCK_COUNT multiplied by the longest temporary time setting
# (TTL) for blocked IPs, to be effective
#
# Set LF_PERMBLOCK to "0" to disable this feature
LF_PERMBLOCK =  Default: 1 [0-1]

LF_PERMBLOCK_INTERVAL =  Default: 86400 [3600-604800]

LF_PERMBLOCK_COUNT =  Default: 4 [1-20]

LF_PERMBLOCK_ALERT =  Default: 1 [0-1]

# Permanently block IPs by network class. The following enables this feature
# to permanently block classes of IP address where individual IP addresses
# within the same class LF_NETBLOCK_CLASS have already been blocked more than
# LF_NETBLOCK_COUNT times in the last LF_NETBLOCK_INTERVAL seconds. Set
# LF_NETBLOCK to "1" to enable this feature
#
# This can be an affective way of blocking DDOS attacks launched from within
# the same networ class
#
# Valid settings for LF_NETBLOCK_CLASS are "A", "B" and "C", care and
# consideration is required when blocking network classes A or B
#
# Set LF_NETBLOCK to "0" to disable this feature
LF_NETBLOCK =  Default: 0 [0-1]

LF_NETBLOCK_INTERVAL =  Default: 86400 [3600-604800]

LF_NETBLOCK_COUNT =  Default: 4 [1-20]

LF_NETBLOCK_CLASS =  Default: C [A or B or C]

LF_NETBLOCK_ALERT =  Default: 1 [0-1]

################################################################