I'm looking for a way to block a small ip range in csf, e.g. 151.80.31.103 to 151.80.31.115
I know how to block each ip by issuing a cmmand csf -d IP
, but it is a lot more effective to have a way to block a small set of ip range, as the given example.
I have searched for a while, but not finding any relevant information.
Thanks for any hint!
Best Answer
If you have SSH access, you can manually edit the file /etc/csf/csf.deny with vim or emacs or your favorite text editor.
Here's a portion of the top of that file with some comments:
Given that information, use a subnet calculator (such as this one from MXtoolbox) to determine the smaller subnet. Given your criteria, one possible subnet suggested by mxtoolbox would be 151.80.31.96/27, which would filter everything from 151.80.31.96 through 151.80.31.127.
Make sure that you restart CSF afterwards with
csf -r
and then restart lfd withlfd -r
.