Recently My sever got many errors within my ConfigServer Filrewall module:
Code: Select all
Oct 30 04:21:37 srv8 lfd[974616]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Oct 30 04:26:37 srv8 lfd[975527]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Oct 30 04:31:38 srv8 lfd[976765]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Looks Like maxmind.com and abuseipdb.com were changed their network and using frame Content Delivery Network from CloudFlare Inc. which are : 104.17.27.25 and 24.4.237.19
While JavaScript Object Notation (JSON - a standard text-based format for representing structured data based on JavaScript object syntax) is working fine, I have to change Perl module with HTTP::Tiny and Perl module LWP::UserAgent too in /path/to/abuseipdb_report.pl script which is also needs the LWP::Protocol::https perl module to Integrating AbuseIPDB with CSF - Automatically Report and Blocking Bad IPs that attempted intrusions server sources.
I've added IP4:104.17.27.25 and 24.4.237.19 to csf - Quick allow Actions and the problems solved:
Code: Select all
Nov 10 04:19:34 srv8 lfd[1091202]: Retrieved and blocking blocklist MAXMIND IP address ranges
Nov 10 04:19:35 srv8 lfd[1091202]: IPSET: loading set new_MAXMIND with 334 entries
Nov 10 04:19:35 srv8 lfd[1091202]: IPSET: switching set new_MAXMIND to bl_MAXMIND
Nov 10 04:19:35 srv8 lfd[1091202]: IPSET: loading set new_6_MAXMIND with 2 entries
Nov 10 04:19:35 srv8 lfd[1091202]: IPSET: switching set new_6_MAXMIND to bl_6_MAXMIND
As far as MaxMind GeoIP purpose is to blocking/banning all of abuse/bad Anonymous Proxies...
This will reduce the min-fraud service (fraud detection) for a transactional risk of analysis service.
Code: Select all
May 22 21:11:58 srv8 lfd[3578991]: CC: Repopulating ipset cc_ar with IP addresses from [AR]
May 22 21:11:59 srv8 lfd[3578991]: IPSET: loading set new_ar with 3411 entries
May 22 21:11:59 srv8 lfd[3578991]: IPSET: switching set new_ar to cc_ar
May 22 21:11:59 srv8 lfd[3578991]: CC: Repopulating ipset cc_br with IP addresses from [BR]
May 22 21:12:05 srv8 lfd[3578991]: IPSET: loading set new_br with 10551 entries
May 22 21:12:05 srv8 lfd[3578991]: IPSET: switching set new_br to cc_br
May 22 21:12:05 srv8 lfd[3578991]: CC: Repopulating ipset cc_cn with IP addresses from [CN]
May 22 21:12:10 srv8 lfd[3578991]: IPSET: loading set new_cn with 7889 entries
May 22 21:12:10 srv8 lfd[3578991]: IPSET: switching set new_cn to cc_cn
May 22 21:12:10 srv8 lfd[3578991]: CC: Repopulating ipset cc_hk with IP addresses from [HK]
May 22 21:12:15 srv8 lfd[3578991]: IPSET: loading set new_hk with 9781 entries
May 22 21:12:15 srv8 lfd[3578991]: IPSET: switching set new_hk to cc_hk
May 22 21:12:15 srv8 lfd[3578991]: CC: Repopulating ipset cc_in with IP addresses from [IN]
May 22 21:12:21 srv8 lfd[3578991]: IPSET: loading set new_in with 12067 entries
May 22 21:12:22 srv8 lfd[3578991]: IPSET: switching set new_in to cc_in
May 22 21:12:22 srv8 lfd[3578991]: CC: Repopulating ipset cc_jp with IP addresses from [JP]
May 22 21:12:27 srv8 lfd[3578991]: IPSET: loading set new_jp with 11102 entries
May 22 21:12:27 srv8 lfd[3578991]: IPSET: switching set new_jp to cc_jp
May 22 21:12:27 srv8 lfd[3578991]: CC: Repopulating ipset cc_kr with IP addresses from [KR]
May 22 21:12:29 srv8 lfd[3578991]: IPSET: loading set new_kr with 3816 entries
May 22 21:12:29 srv8 lfd[3578991]: IPSET: switching set new_kr to cc_kr
May 22 21:12:29 srv8 lfd[3578991]: CC: Repopulating ipset cc_lt with IP addresses from [LT]
May 22 21:12:30 srv8 lfd[3578991]: IPSET: loading set new_lt with 1460 entries
May 22 21:12:30 srv8 lfd[3578991]: IPSET: switching set new_lt to cc_lt
May 22 21:12:30 srv8 lfd[3578991]: CC: Repopulating ipset cc_pk with IP addresses from [PK]
May 22 21:12:31 srv8 lfd[3578991]: IPSET: loading set new_pk with 1186 entries
May 22 21:12:31 srv8 lfd[3578991]: IPSET: switching set new_pk to cc_pk
May 22 21:12:31 srv8 lfd[3578991]: CC: Repopulating ipset cc_th with IP addresses from [TH]
May 22 21:12:32 srv8 lfd[3578991]: IPSET: loading set new_th with 1817 entries
May 22 21:12:32 srv8 lfd[3578991]: IPSET: switching set new_th to cc_th
May 22 21:12:32 srv8 lfd[3578991]: CC: Repopulating ipset cc_tw with IP addresses from [TW]
May 22 21:12:33 srv8 lfd[3578991]: IPSET: loading set new_tw with 2376 entries
May 22 21:12:33 srv8 lfd[3578991]: IPSET: switching set new_tw to cc_tw
May 22 21:12:33 srv8 lfd[3578991]: CC: Repopulating ipset cc_vn with IP addresses from [VN]
May 22 21:12:34 srv8 lfd[3578991]: IPSET: loading set new_vn with 2058 entries
May 22 21:12:34 srv8 lfd[3578991]: IPSET: switching set new_vn to cc_vn
May 22 21:12:34 srv8 lfd[3578991]: CC: Repopulating ipset cc_ro with IP addresses from [RO]
May 22 21:12:36 srv8 lfd[3578991]: IPSET: loading set new_ro with 3667 entries
May 22 21:12:36 srv8 lfd[3578991]: IPSET: switching set new_ro to cc_ro
May 22 21:12:36 srv8 lfd[3578991]: CC: Repopulating ipset cc_ru with IP addresses from [RU]
May 22 21:12:43 srv8 lfd[3578991]: IPSET: loading set new_ru with 12818 entries
May 22 21:12:43 srv8 lfd[3578991]: IPSET: switching set new_ru to cc_ru
May 22 21:12:43 srv8 lfd[3578991]: CC: Repopulating ipset cc_as749 with IP addresses from [AS749]
May 22 21:12:45 srv8 lfd[3578991]: IPSET: loading set new_as749 with 2635 entries
May 22 21:12:45 srv8 lfd[3578991]: IPSET: switching set new_as749 to cc_as749
May 22 21:12:45 srv8 lfd[3578991]: CC: Repopulating ipset cc_as8075 with IP addresses from [AS8075]
May 22 21:12:45 srv8 lfd[3578991]: IPSET: loading set new_as8075 with 820 entries
May 22 21:12:45 srv8 lfd[3578991]: IPSET: switching set new_as8075 to cc_as8075
May 22 21:12:45 srv8 lfd[3578991]: CC: Repopulating ipset cc_as14061 with IP addresses from [AS14061]
May 22 21:12:45 srv8 lfd[3578991]: IPSET: loading set new_as14061 with 146 entries
May 22 21:12:45 srv8 lfd[3578991]: IPSET: switching set new_as14061 to cc_as14061
May 22 21:12:45 srv8 lfd[3578991]: CC: Repopulating ipset cc_as20473 with IP addresses from [AS20473]
May 22 21:12:46 srv8 lfd[3578991]: IPSET: loading set new_as20473 with 524 entries
May 22 21:12:46 srv8 lfd[3578991]: IPSET: switching set new_as20473 to cc_as20473
May 22 21:12:46 srv8 lfd[3578991]: CC: Repopulating ipset cc_as24940 with IP addresses from [AS24940]
May 22 21:12:46 srv8 lfd[3578991]: IPSET: loading set new_as24940 with 70 entries
May 22 21:12:46 srv8 lfd[3578991]: IPSET: switching set new_as24940 to cc_as24940
May 22 21:12:46 srv8 lfd[3578991]: CC: Repopulating ipset cc_as26548 with IP addresses from [AS26548]
May 22 21:12:46 srv8 lfd[3578991]: IPSET: loading set new_as26548 with 130 entries
May 22 21:12:46 srv8 lfd[3578991]: IPSET: switching set new_as26548 to cc_as26548
May 22 21:12:46 srv8 lfd[3578991]: CC: Repopulating ipset cc_as28753 with IP addresses from [AS28753]
May 22 21:12:46 srv8 lfd[3578991]: IPSET: loading set new_as28753 with 107 entries
May 22 21:12:46 srv8 lfd[3578991]: IPSET: switching set new_as28753 to cc_as28753
May 22 21:12:46 srv8 lfd[3578991]: CC: Repopulating ipset cc_as36352 with IP addresses from [AS36352]
May 22 21:12:46 srv8 lfd[3578991]: IPSET: loading set new_as36352 with 841 entries
May 22 21:12:46 srv8 lfd[3578991]: IPSET: switching set new_as36352 to cc_as36352
May 22 21:12:46 srv8 lfd[3578991]: CC: Repopulating ipset cc_as45102 with IP addresses from [AS45102]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as45102 with 318 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as45102 to cc_as45102
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as47890 with IP addresses from [AS47890]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as47890 with 24 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as47890 to cc_as47890
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as51159 with IP addresses from [AS51159]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as51159 with 5 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as51159 to cc_as51159
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as199654 with IP addresses from [AS199654]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as199654 with 8 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as199654 to cc_as199654
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as210558 with IP addresses from [AS210558]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as210558 with 15 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as210558 to cc_as210558
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as211298 with IP addresses from [AS211298]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as211298 with 3 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as211298 to cc_as211298
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as212027 with IP addresses from [AS212027]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as212027 with 21 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as212027 to cc_as212027
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as213186 with IP addresses from [AS213186]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as213186 with 5 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as213186 to cc_as213186
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as213230 with IP addresses from [AS213230]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as213230 with 2 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as213230 to cc_as213230
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as213790 with IP addresses from [AS213790]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as213790 with 2 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as213790 to cc_as213790
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as214940 with IP addresses from [AS214940]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as214940 with 2 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as214940 to cc_as214940
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as214943 with IP addresses from [AS214943]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as214943 with 15 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as214943 to cc_as214943
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as215476 with IP addresses from [AS215476]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as215476 with 1 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as215476 to cc_as215476
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as215930 with IP addresses from [AS215930]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as215930 with 3 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as215930 to cc_as215930
May 22 21:12:47 srv8 lfd[3578991]: CC: Repopulating ipset cc_as401109 with IP addresses from [AS401109]
May 22 21:12:47 srv8 lfd[3578991]: IPSET: loading set new_as401109 with 3 entries
May 22 21:12:47 srv8 lfd[3578991]: IPSET: switching set new_as401109 to cc_as401109Code: Select all
[root@srv8 ~]# ping -c 5 repo.cloudlinux.com
PING repo.cloudlinux.com (206.189.189.188) 56(84) bytes of data.
64 bytes from repo.cloudlinux.us-ny.cl-mirror.net (206.189.189.188): icmp_seq=1 ttl=47 time=78.8 ms
64 bytes from repo.cloudlinux.us-ny.cl-mirror.net (206.189.189.188): icmp_seq=2 ttl=47 time=77.10 ms
64 bytes from repo.cloudlinux.us-ny.cl-mirror.net (206.189.189.188): icmp_seq=3 ttl=47 time=77.10 ms
64 bytes from repo.cloudlinux.us-ny.cl-mirror.net (206.189.189.188): icmp_seq=4 ttl=47 time=77.7 ms
64 bytes from repo.cloudlinux.us-ny.cl-mirror.net (206.189.189.188): icmp_seq=5 ttl=47 time=77.7 ms
--- repo.cloudlinux.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 77.687/78.033/78.776/0.528 ms
[root@srv8 ~]#Code: Select all
[root@srv8 ~]# cldiag --doctor
Downloading cldoctor script from https://repo.cloudlinux.com/cloudlinux/cldoctor/cldoctor.sh
Generating report...
Uploading...
Key: 384602530.0f5fe066-(HIDE)-(HIDE)-b815-f1c9f73e2743
Please, provide above mentioned key to CloudLinux Support Team
[root@srv8 ~]#Code: Select all
[root@srv8 ~]# yum update --allowerasing --skip-broken
This system is receiving updates from CloudLinux Network server.
Last metadata expiration check: 22:57:42 ago on Sat 03 May 2025 01:42:16 AM PDT.
Dependencies resolved.
Nothing to do.
Complete!
[root@srv8 ~]#
CSF can use these option below. These otpion can be set to use:
1. Perl module HTTP::Tiny
2. Perl module LWP::UserAgent
3. CURL/WGET (set location at the bottom of csf.conf if installed)
HTTP::Tiny is much faster than LWP::UserAgent and is included in the csf distribution.
LWP::UserAgent may have to be installed manually, but it can better support https:// URL's which also needs the LWP::Protocol::https perl module
CURL/WGET uses the system binaries if installed but does not always provide good feedback when it fails. The script will first look for CURL, if that does not exist at the configured location it will then look for WGET
Additionally, 1 or 2 are used and if the retrieval fails, then if either CURL or WGET are available, an additional attempt will be using CURL/WGET. This is useful if the perl distribution has outdated modules that do not support modern SSL/TLS implementations.
CSF recommend to setting this set... to "2" or "3" as upgrades to csf will be performed over SSL as well as other URLs used when retrieving external data.
To install the LWP perl modules required:
On rpm based systems: (RedHat and CloudLinux)
Code: Select all
yum install perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch