Port range white list
oim37 opened this issue · 2 comments
Hello,
We use this on a web server and it is working well, but we also have proftpd in passive mode (PassivePorts 49152 65535), and if we transfer many files, proftpd creates many connections and the IP gets banned.
Please add a port-range white list.
You can try enabling ENABLE_PORTS and configuring your PORT_CONNECTIONS rules.
We tried:
ENABLE_PORTS=true
PORT_CONNECTIONS="80:690:3600 443:690:3600 8443:690:3600"
service ddos restart (centos 7)
And tried copying many PHP files with totalcmd. Soon we received a mail and the IP was banned, with this mail:
Banned the following ip addresses on Thu Apr 2 12:35:19 UTC 2020
123.123.123.123:443 with 1 connections
123.123.123.123 - the real IP that connected and transferred many PHP files over FTP (server and client are without NAT; both have real IPs).
P.S. (We use iptables on CentOS 7)