Solved csf integration vs customization

factor

factor

Verified User
Joined
Jul 22, 2017
Messages
3,729
Location
USA
Link: https://docs.directadmin.com/direct...with-bfm/#enabling-csf-for-an-existing-server

The Guide shows to remove these files.
/usr/local/directadmin/scripts/custom/block_ip.sh
/usr/local/directadmin/scripts/custom/brute_force_notice_ip.sh
/usr/local/directadmin/scripts/custom/show_blocked_ips.sh
/usr/local/directadmin/scripts/custom/unblock_ip.sh
Click to expand...
What I want know are there standard versions I can copy to script custom? I want to add info to them. I cant find them.

Also can I changed the location of these files in the directadmin.conf. Without breaking the Native integration or do I not need them?
/root/blocked_ips.txt
/root/exempt_ips.txt
These values are here
ip_blacklist
ip_whitelist
Click to expand...

If not I assume I can just customize like in Alex's old script?
 
bdacus01 said:
What I want know are there standard versions I can copy to script custom? I want to add info to them. I cant find them.
Click to expand...
I don't know sure if I understand you correctly, but I don't use the automatic/integrated system. Install CSF/LFD myself.
However I do use the first 2 files mentioned because DA's internal BFM looks for these anyway.

For example my brute_force_notice_ip.sh looks like this:
Code: 
#!/bin/sh
SCRIPT=/usr/local/directadmin/scripts/custom/block_ip.sh
ip=$value $SCRIPT
exit $?;
So this is purely to have DA's BFM put some value stuff into the block_ip.sh script and call it automatically which contains this:
Code: 
#!/bin/sh

/etc/csf/csf.pl -td $ip 14400 BFM IP Block

exit 0;
which takes cate that the bruteforce is temporary banned for 14400. I do have another value in there, this is just an example, so fit this time to your needs.

The files
/root/blocked_ips.txt
/root/exempt_ips.txt
are used to get the windows with the ip's in the BFM in DA's GUI.
I presume if you want to change the location (I wonder why) it should be changed in the according .sh files.
 
Yes I am interested in going back to the custom way like you have. Like the way it was before the integration.

It was this way in FreeBSD. I could make it what I wanted.
 
There is still some manual from Zeiter for the old ways where the /root/blocked_ips.txt work. I used them without that and then have them mentioned but without any content.
You can find that here:
github.com

GitHub - poralix/directadmin-bfm-csf: A set of scripts to let Brute Force Monitor in DirectAdmin to block IPs using CSF/LFD. If you need custom installation or support please feel free to request it here or on our site

A set of scripts to let Brute Force Monitor in DirectAdmin to block IPs using CSF/LFD. If you need custom installation or support please feel free to request it here or on our site - poralix/direct...
github.com github.com

Depends on what you want. You can also easily unblock an ip from the csf plugin, which nowadays also can be used by resellers.
So it's a choice. Use the build in. the one from Poralix or use your own. The ones from Poralix and your own are customizable anyway, just have to watch out what you're doing.

I didn't want to be bothered anymore so I let BFM just trigger an automatic temp ban and ready. CSF detects temp bans and creates definate bans when some ip has x tempbans within an x period of time. So I don't have to look at it anymore. And if some customer gets banned (happens rarely) he's fastly unblocked, either via GUI of CSF or (like I do) via SSH.
In such cases I anyway always look into the lfd.log to find the reason why. Which is mostly some password error on some mobile device or older laptop which got into use again. ;)
 
You must log in or register to reply here.
Back
Top