Allow and ignore 127.0.0.0/8 ?

[postcd]

Hello,

an technician suggests me to add 127.0.0.0/8 to /etc/csf/csf.allow and also to /etc/csf/csf.ignore.

csf.allow - a list of IP's and CIDR addresses that should always be allowed
through the firewall
csf.ignore - a list of IP's and CIDR addresses that lfd should ignore and not
not block if detected

Is it safe/secure?

The reason why im suggested this is that command "telnet 127.0.0.1 953" and "telnet 127.0.0.1 80" fails with timeout error, but when i restart CSF (firewall), it immediatelly start working..

Any ideas please/commands to do? Thank you

 

[Jackson Brown]

Hello,

an technician suggests me to add 127.0.0.0/8 to /etc/csf/csf.allow and also to /etc/csf/csf.ignore.



Is it safe/secure?

The reason why im suggested this is that command "telnet 127.0.0.1 953" and "telnet 127.0.0.1 80" fails with timeout error, but when i restart CSF (firewall), it immediatelly start working..

Any ideas please/commands to do? Thank you

The reason that Telnet is timing out is most likely because the firewall in place is denying in/out from all ports, and when it's active, it listens for requests and allows them to pass.

If you're trying to always allow access (and want to use telnet) then add localhost with port 21 to the cfs.allow file, and create a startup script for the firewall.