cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e3cf8514dfea242ebddc0715eb6889d86fe9b057
Linux-Server-Management-Too…/modules/security
T
History
cschantz e3cf8514df CRITICAL FIX: Always use CSF's chain_DENY ipset for blocking 
Issue: Script was creating its own temporary ipset when CSF's chain_DENY
existed but didn't support timeouts. This caused IPs to be blocked in a
separate ipset instead of CSF's official blocking list.

Fix: Restructured IPset initialization to ALWAYS prefer CSF's chain_DENY
- chain_DENY exists → Use it (the authoritative CSF blocking ipset)
- chain_DENY doesn't exist → Create temporary ipset as fallback
- No ipset available → Fall back to CSF -td command

Benefits:
- All IPs blocked go to CSF's chain_DENY (standard blocking mechanism)
- CSF configuration/UI sees all blocks
- Better integration with CSF's deny list management
- 70+ IPs/sec can now be properly added to the known CSF block ipset

Testing:
- Verified ipset list chain_DENY detection
- Syntax validated
- Backward compatible with ipset without timeout support

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-06 22:07:13 -05:00
..
bot-analyzer.sh
Standardize bot-analyzer.sh menu validation and improve input handling
2026-02-11 22:45:04 -05:00
bot-blocker.sh
Standardize bot-blocker.sh menu validation, colors, and yes/no prompts
2026-02-17 18:42:04 -05:00
enable-cphulk.sh
Fix cPHulk to use SQLite database instead of MySQL
2025-12-11 17:01:17 -05:00
firewall-activity-monitor.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
ip-reputation-manager.sh
Fix final 10 HIGH integer comparisons in live-attack-monitor and ip-reputation-manager
2025-12-03 20:12:20 -05:00
live-attack-monitor-v2.sh
CRITICAL FIX: Always use CSF's chain_DENY ipset for blocking
2026-03-06 22:07:13 -05:00
live-attack-monitor.sh
Add immediate blocking for RCE and critical web exploits
2026-02-20 23:04:35 -05:00
malware-scanner.sh
Standardize malware-scanner.sh menu validation, colors, and yes/no prompts
2026-02-17 18:42:50 -05:00
optimize-ct-limit.sh
Fix remaining AWK-UNINIT issues in bot-analyzer and network analysis
2026-02-07 02:50:34 -05:00
ssh-attack-monitor.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
suspicious-login-monitor.conf.example
MAJOR: Add advanced false positive reduction - whitelists, admin context, temporal analysis
2026-02-03 02:13:10 -05:00
suspicious-login-monitor.sh
Fix TYPE-MISMATCH and AWK-UNINIT issues in email analysis scripts
2026-02-07 02:43:07 -05:00
tail-apache-access.sh
CRITICAL FIX: Update InterWorx log file name from access_log to transfer.log
2025-11-20 15:50:45 -05:00
tail-apache-error.sh
REFACTOR: Class B modules - Multi-panel log discovery
2025-11-19 20:06:50 -05:00
tail-mail-log.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
tail-secure-log.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
web-traffic-monitor.sh
CRITICAL FIX: Update InterWorx log file name from access_log to transfer.log
2025-11-20 15:50:45 -05:00