1

I'm looking for a way to block a small IP range in CSF, e.g. 151.80.31.103 to 151.80.31.115

I know how to block each IP by issuing the command csf -d IP, but it would be a lot more effective to have a way to block a small IP range, as in the given example.

I have searched for a while, but have not found any relevant information.

Thanks for any hint!

aye

1 Answer

2

If you have SSH access, you can manually edit the file /etc/csf/csf.deny with vim or emacs or your favorite text editor.

Here's a portion of the top of that file with some comments:

# The following IP addresses will be blocked in iptables
# One IP address per line
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24)
# Only list IP addresses, not domain names (they will be ignored)
#
# Note: If you add the text "do not delete" to the comments of an entry then
# DENY_IP_LIMIT will ignore those entries and not remove them

Given that information, use a subnet calculator (such as this one from MXtoolbox) to determine the smaller subnet. Given your criteria, one possible subnet suggested by mxtoolbox would be 151.80.31.96/27, which would filter everything from 151.80.31.96 through 151.80.31.127.

Make sure that you restart CSF afterwards with csf -r and then restart lfd with lfd -r.

David W
  • Thanks @David W for your answer, however, I'm asking for the way to block a small IP range as in the given example, not individual IPs and not the entire subnet. Not sure whether that is possible, since I can't find any relevant info on the internet – aye Feb 04 '17 at 17:16
  • 1
    You can block a smaller subnet. I'll edit the answer for clarity. – David W Feb 04 '17 at 17:17
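
The following is an added example, not part of the original answer or comments. It splits the range from the question into the CIDR blocks that cover it exactly, and compares that with the single enclosing subnet the answer suggests. The function names and the entry comment text are assumptions made for illustration.

```python
import ipaddress


def _ends(first, last):
    a, b = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if a > b:
        raise ValueError("first address must not be greater than last")
    return a, b


def exact_cidrs(first, last):
    """Shortest list of CIDR blocks covering exactly first..last (inclusive)."""
    return list(ipaddress.summarize_address_range(*_ends(first, last)))


def enclosing_subnet(first, last):
    """Smallest single CIDR block containing the whole range (may over-block)."""
    a, b = _ends(first, last)
    net = ipaddress.ip_network(f"{a}/32")
    # Widen the prefix one bit at a time until the block also contains `last`.
    while b not in net:
        net = net.supernet()
    return net


def overblocked(first, last):
    """Addresses outside the range that the single enclosing subnet would deny."""
    a, b = _ends(first, last)
    return enclosing_subnet(first, last).num_addresses - (int(b) - int(a) + 1)


def deny_lines(first, last, comment):
    """csf.deny entries: a bare IP for single hosts, CIDR notation otherwise."""
    lines = []
    for net in exact_cidrs(first, last):
        entry = str(net.network_address) if net.prefixlen == 32 else str(net)
        lines.append(f"{entry} # {comment}")
    return lines


if __name__ == "__main__":
    first, last = "151.80.31.103", "151.80.31.115"  # range from the question
    print(f"single subnet: {enclosing_subnet(first, last)} "
          f"(denies {overblocked(first, last)} extra addresses)")
    for line in deny_lines(first, last, "blocked range (example comment)"):
        print(line)
```

The three resulting lines can be added to /etc/csf/csf.deny in place of the /27, followed by the restart described in the answer.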