Releases · Aetherinox/csf-firewall

05 Sep 20:20

7720823

v15.00 Latest

Latest

Release Info

Item	Value
_{🏷️ Version}	_v15.00
_{📄 csf-firewall-v15.00.zip}	_{ConfigServer Firewall main app} _{01a4996f078eae1a479eb4b74803ff8153b5696fc289409380a0699538ce7b6b}
_{📄 csf-firewall-v15.00-helpers.zip}	_{Helper patches. View README for instructions} _{93a81575a4957ba09cde62a86191905714b2b3121f5e8ddb28283f954fcfd56f}
_{📄 csf-firewall-v15.00-theme-dark.zip}	_{Dark theme} _{d34485332ce25f452eee85daf05a436361dcc49d7252aac67782d5f7b13e264b}
_{🕟 Stamp}	_{v14.24.0-2025-03-06T18:14:06.000Z 🔺 14.24.1-2025-03-11T20:45:57.000Z}
_{📅 Last Release}	_{5 days ago}

What's New

This release contains the following changes:

Note

Due to the recent closure by the original developer of ConfigServer Firewall; all future updates to the software will be done via this repository.

This release (v15.00) is a close match to the version released by the original developer, with a few additions.

ConfigServer Firewall

feature: bring new artifact server online which will be responsible for end-user updates to ConfigServer firewall.
feature: remove old update end-point in order to prevent domain hijacking
change: modify apache regex to detect "remote" or "client" as the IP trigger
change: modify ui http header checks to be case agnostic
change: add country code validation and warning output
change: update regex to extract client ip from logs
change: update SESSION_ID validation
pref: relax session binding / validation
pref: move parent process validation check
refactor: normalize http header handling to lowercase and make content-type matching case-insensitive
fix: regression bug for ui http header checks to be case agnostic

Dark Theme

No changes in this release

OpenVPN & Docker Patches

No changes in this release

Statistics

How the files have changed:

Changed files : 300
Changes : 44722
Commits : 42
Additions : 32226
Deletions : 12496
PRs (categorized) : 21
PRs (uncategorized) : 21
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

🪛 Continuous integration

fix escaped output : 1036c05 @Aetherinox

🚀 Features

bring new artifact server for updates online
- Releases no longer rely on https://configserver.com/; everything is handled in-house
add new api endpoint for update notifications
update patch docker.sh with better conditions and detection : 7633947 @Aetherinox

🐛 Bugfixes

move parent process validation check
checkip qw missing cccheckip argument : 05f553b @Aetherinox
docker patch text color bug with extra `- : c43c857 @Aetherinox

🔧 Changes

normalize http header handling to lowercase and make content-type matching case-insensitive
add country code validation and warning output
update regex to extract client ip from logs
change wordage on SESSION_ID validation
relax session binding / validation
update highrisk to include china networks AS17621, AS4134, AS4837, AS140061 : 371fe2b @Aetherinox
update highrisk ipset to include internet-census.org : 0c01361 @Aetherinox
remove commenting : d2c6fe5 @Aetherinox

✏️ Docs

(readme) update docker.sh prints : a3a0396 @Aetherinox
(readme) update formatting : 475ae7b @Aetherinox
(readme) update section IP Sets / Blocklist : 30917c8 @Aetherinox
(readme) add disclaimer on LF_IPSET_MAXELEM limit : 45566c9 @Aetherinox
(readme) add instructions for LF_IPSET_MAXELEM for blocklist master.ipset : b46e31a @Aetherinox
(readme) fix clone path : 761e68d @Aetherinox
(readme) update title : b940eff @Aetherinox
(readme) update description : 5241ad7 @Aetherinox
(readme) minor adjustments : eee3ea6 @Aetherinox
(readme) add default values to docker.sh patch : bad33df @Aetherinox
(readme) minor change; remove quotes from default setting file_csf_allow table : 82e9c36 @Aetherinox
(readme) add enable/disable csf & lfd commands : d3d6859 @Aetherinox
(readme) add to ipsets section : ccaf442 @Aetherinox

Contributors

Aetherinox

Assets 9

11 Mar 20:46

BinaryServ

14.24.1

1036c05

v14.24.1

Release Info

Item	Value
_{📄 csf-firewall-v14.24.tgz}	_{Contains the latest verison of the ConfigServer Firewall application. This file is optional to download and is not required if you have already installed CSF on your system.}
_{📄 csf-firewall-v14.24.1-patches.zip}	_{Contains the latest verison of the ConfigServer Firewall patches. View README for instructions; run patch by launching the file ./install.sh.}
_{📄 csf-firewall-v14.24.1-theme-dark.zip}	_{Contains custom dark theme.}
_{🕟 Stamp}	_{v14.24.0-2025-03-06T18:14:06.000Z 🔺 14.24.1-2025-03-11T20:45:57.000Z}
_{📅 Last Release}	_{5 days ago}

What's New

This release contains the following changes:

Note

This patch fixes an issue with csf.service being unable to start on the latest version of CSF v14.24.0 for any user who utilizes the dark theme.

Update the /usr/sbin/lfd file, give CSF a restart, and it should fix the issue.

Statistics

How the files have changed:

Changed files : 300
Changes : 44722
Commits : 42
Additions : 32226
Deletions : 12496
PRs (categorized) : 21
PRs (uncategorized) : 21
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

🪛 Continuous integration

test out echoed env var for categories : 42f9f4b @Aetherinox
fix escaped output : 1036c05 @Aetherinox

🚀 Features

update patch docker.sh with better conditions and detection : 7633947 @Aetherinox

🐛 Bugfixes

checkip qw missing cccheckip argument : 05f553b @Aetherinox
docker patch text color bug with extra `- : c43c857 @Aetherinox

🔧 Changes

update highrisk to include china networks AS17621, AS4134, AS4837, AS140061 : 371fe2b @Aetherinox
remove commenting : d2c6fe5 @Aetherinox

✏️ Docs

(readme) update section IP Sets / Blocklist : 30917c8 @Aetherinox
(readme) add disclaimer on LF_IPSET_MAXELEM limit : 45566c9 @Aetherinox
(readme) fix clone path : 761e68d @Aetherinox
(readme) update title : b940eff @Aetherinox
(readme) add default values to docker.sh patch : bad33df @Aetherinox
(readme) add enable/disable csf & lfd commands : d3d6859 @Aetherinox
(readme) add to ipsets section : ccaf442 @Aetherinox

Contributors

Aetherinox

Assets 5

06 Mar 18:14

BinaryServ

v14.24.0

f209af3

v14.24.0

What's New

This release contains the following changes:

ConfigServer Firewall

change: modify apache regex to detect "remote" or "client" as the IP trigger
change: modify ui http header checks to be case agnostic
fix: regression bug for ui http header checks to be case agnostic

Dark Theme

No changes in this release

OpenVPN & Docker Patches

feat: add new parameter -l, --list to display all docker containers and info about each
feat: add new parameter -r, --reset to completely clean out existing iptable rules and start fresh
change: re-worked docker.sh patch functionality
- added new table checking to ensure rules aren't applied twice
- clean up iptables before patch is applied

Assets 5

15 Oct 00:02

BinaryServ

14.22.0

d060f1b

v14.22.0

Release Info

Item	Value
_{📄 csf-firewall-v14.22.tgz}	_{Contains the latest verison of the ConfigServer Firewall application. This file is optional to download and is not required if you have already installed CSF on your system.}
_{📄 csf-firewall-v14.22.0-patches.zip}	_{Contains the latest verison of the ConfigServer Firewall patches. View README for instructions; run patch by launching the file ./install.sh.}
_{📄 csf-firewall-v14.22.0-theme-dark.zip}	_{Contains custom dark theme.}
_{🕟 Stamp}	_{v14.21.1-2024-10-14T22:32:18.000Z 🔺 14.22.0-2024-10-15T00:02:49.000Z}
_{📅 Last Release}	_{0 days ago}

What's New

This release contains the following changes:

ConfigServer Firewall

change: remove session IP match check from DA login
add: example spamassassin temp file regex to csf.fignore for new installations

Dark Theme

No changes in this release

OpenVPN & Docker Patches

No changes in this release

Statistics

How the files have changed:

Changed files : 5
Changes : 36
Commits : 1
Additions : 24
Deletions : 12
PRs (categorized) : 1
PRs (uncategorized) : 0
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

📦 Build & Dependencies

bump csf to v14.22.0 : d060f1b @Aetherinox

Contributors

Aetherinox

Assets 5

29 Aug 21:13

BinaryServ

v14.21.1

61a4abe

v14.21.1

Release Info

Item	Value
_{📄 csf-firewall-v14.21.tgz}	_{Contains the latest verison of the ConfigServer Firewall application. This file is optional to download and is not required if you have already installed CSF on your system.}
_{📄 csf-firewall-vv2.2.1-patches.zip}	_{Contains the latest verison of the ConfigServer Firewall patches. View README for instructions; run patch by launching the file ./install.sh.}
_{📄 csf-firewall-vv2.2.1-theme-dark.zip}	_{Contains custom dark theme.}
_{🕟 Stamp}	_{2.2.0-2024-08-28T08:27:15.000Z 🔺 v2.2.1-2024-08-29T21:13:17.000Z}
_{📅 Last Release}	_{1 days ago}

What's New

This release contains the following changes:

ConfigServer Firewall

No changes in this release

Dark Theme

change: new animated checkbox input for firewall profiles
change: clicking logo in header now re-directs user to home
change: enhanced login screen animations
change: enhanced mobile view
fix: extended sized buttons with text cutting off

OpenVPN & Docker Patches

No changes in this release

Statistics

How the files have changed:

Changed files : 23
Changes : 2316
Commits : 14
Additions : 1573
Deletions : 743
PRs (categorized) : 13
PRs (uncategorized) : 1
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

🪛 Continuous integration

update release workflow : 290aae8 @Aetherinox

🐛 Bugfixes

upgrade section column not proper size : 10cc799 @Aetherinox
buttons with extended text, min-width on console logs : 00649f4 @Aetherinox
textbox styling : 088858d @Aetherinox

🔧 Changes

dark theme login prompt changes : 456c9fe @Aetherinox
improved mobile view mode : bd63336 @Aetherinox
new textbox for settings : 37cc5f8 @Aetherinox
header logo image now returns user to home page : 04d25d6 @Aetherinox
add animations to login screen : 0363a32 @Aetherinox
add header animations, app name returns user home : 76fdbc4 @Aetherinox

📦 Build & Dependencies

update csf to v14.21 : 88523ce @Aetherinox
update dark theme for csf v14.21 : 1460b75 @Aetherinox

Contributors

Aetherinox

Assets 5

30 Aug 19:15

BinaryServ

v14.21.0

61a4abe

v14.21.0

Release Info

Item	Value
_{📄 csf-firewall-v14.21.tgz}	_{Contains the latest verison of the ConfigServer Firewall application. This file is optional to download and is not required if you have already installed CSF on your system.}
_{📄 csf-firewall-v2.2.2-patches.zip}	_{Contains the latest verison of the ConfigServer Firewall patches. View README for instructions; run patch by launching the file ./install.sh.}
_{📄 csf-firewall-v2.2.2-theme-dark.zip}	_{Contains custom dark theme.}
_{🕟 Stamp}	_{v2.2.1-2024-08-29T21:13:17.000Z 🔺 2.2.2-2024-08-30T19:15:13.000Z}
_{📅 Last Release}	_{0 days ago}

What's New

This release contains the following changes:

ConfigServer Firewall

added: exe:/usr/bin/dbus-broker-launch and exe:/usr/bin/dbus-broker to csf.pignore for new installations
added: check to ensure that only public ip addresses are used when loading IPv4 CC zone files
change: modify ip lookup to strip missed quotes
fix: bug when converting embedded IPv4 addresses in IPv6 connections

Dark Theme

change: add header animations, app name returns user home
change: clicking app logo or name now returns user to home page
change: add favicon

OpenVPN & Docker Patches

change: silence curl in openvpn patch
change: removal of NETWORK_MANUAL_MODE, NETWORK_ADAPT_NAME
fix: docker inspect error when container has more than one network #1
docs: removal of manual mode values no longer needed

Statistics

How the files have changed:

Changed files : 12
Changes : 708
Commits : 10
Additions : 547
Deletions : 161
PRs (categorized) : 10
PRs (uncategorized) : 0
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

🐛 Bugfixes

docker inspect error when container has more than one network : 28eb264 @Aetherinox

🔧 Changes

add favicon : c7b9b1d @Aetherinox
removal of NETWORK_MANUAL_MODE, NETWORK_ADAPT_NAME : 784459c @Aetherinox
silence curl in openvpn patch : c8a592f @Aetherinox

✏️ Docs

update README : 371754a @Aetherinox
update previews : fd3ca69 @Aetherinox
update changelog : 569d0ab @Aetherinox
removal of manual mode values no longer needed : 4e88013 @Aetherinox
add custom theme installation : e928bd4 @Aetherinox

Contributors

Aetherinox

Assets 5

28 Aug 08:27

BinaryServ

v14.20.2

61a4abe

v14.20.2

Release Info

Item	Value
_{📄 csf-firewall-v14.20.tgz}	_{Contains the latest verison of the ConfigServer Firewall application. This file is optional to download and is not required if you have already installed CSF on your system.}
_{📄 csf-firewall-v2.2.0-patches.zip}	_{Contains the latest verison of the ConfigServer Firewall patches. View README for instructions; run patch by launching the file ./install.sh.}
_{📄 csf-firewall-v2.2.0-theme-dark.zip}	_{Contains a custom dark theme.}
_{🕟 Stamp}	_{2.1.0-2024-08-27T17:41:31.000Z 🔺 2.2.0-2024-08-28T08:27:15.000Z}
_{📅 Last Release}	_{0 days ago}

What's New

This release contains the following changes:

feat: add dark theme login page
change: optimizations to load order
change: settings now have on/off color-coded toggle indicator
change: finished remaining light theme elements

Note

The dark theme is currently in development. The layout and other functionality may change between versions.

Statistics

How the files have changed:

Changed files : 6
Changes : 14376
Commits : 7
Additions : 14256
Deletions : 120
PRs (categorized) : 6
PRs (uncategorized) : 1
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

🔧 Changes

update dark theme support : ceb953a @Aetherinox

✏️ Docs

update README : ad84b46 @Aetherinox
update dark theme : cc3b5cc @Aetherinox

Contributors

Aetherinox

Assets 5

27 Aug 17:41

BinaryServ

v14.20.1

61a4abe

v14.20.1

Release Info

Item	Value
_{📄 csf-firewall-v2.1.0-patches.zip}	_{Contains the latest verison of the ConfigServer Firewall patches. View README for instructions; run patch by launching the file ./install.sh.}
_{📄 csf-firewall-v14.20.tgz}	_{Contains the latest verison of the ConfigServer Firewall application. This file is optional to download and is not required if you have already installed CSF on your system.}
_{🕟 Stamp}	_{2.0.0-2024-08-07T03:50:37.000Z 🔺 2.1.0-2024-08-27T17:41:31.000Z}
_{📅 Last Release}	_{20 days ago}

What's New

This release contains the following changes:

Note

Dark theme is currently in development, and a few aspects are not finished. This dark theme plans to also change the layout a bit to fix a few things

feat: add dark theme
feat: add traefik integration
feat: add authentik integration
change: new ruleset for openvpn integration
change: auto disable csf TESTING mode when patch ran
change: add -r, --report to display status of dependencies and setup
fix: openvpn ip detection
docs: update to include traefik and authentic integration
ci: dark theme now included with all releases as .zip
ci: auto-update /docs/ on push to repo

Statistics

How the files have changed:

Changed files : 300
Changes : 5001
Commits : 49
Additions : 4953
Deletions : 48
PRs (categorized) : 48
PRs (uncategorized) : 1
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

🪛 Continuous integration

update release workflow to display details about each file attached to release : f57e6a7 @Aetherinox
rebuild docs when push made to folder docs/ : a1ee95b @Aetherinox
update release workflow : b871e4b @Aetherinox

🚀 Features

auto disable csf TESTING mode when patch ran : 4a01bd7 @Aetherinox
add -r, --report to display status of dependencies and setup : bc9b1f5 @Aetherinox
add dark theme : 38d0789 @Aetherinox

🐛 Bugfixes

missing rules required for openvpn : 9d62020 @Aetherinox

🔧 Changes

remove csf_install, no longer needed : 0b77262 @Aetherinox
change folder csf_config -> extras : 52585b2 @Aetherinox
add csf.conf.clean : 6a22ac5 @Aetherinox
add MaxMind GeoIP.conf extra config : 2bb8e14 @Aetherinox

✏️ Docs

cleanup README : 5715a38 @Aetherinox
integrate mkdocs : 4253178 @Aetherinox
add about_csf, about_patcher : 5df7b4f @Aetherinox
add chapter "configure"; add csf.conf (full and clean versions) : 2a45658 @Aetherinox
add csf install and management section : f1641f7 @Aetherinox
filter "next steps" from toc : f6dfd71 @Aetherinox
update shortcodes.py : f9efb6d @Aetherinox
add geo-blocking chapter : 9ad9c31 @Aetherinox
add traefik integration instructions : 4eb5483 @Aetherinox
add authentik integration page : 0d5b576 @Aetherinox
add traefik router / middleware examples : e4be167 @Aetherinox

Contributors

Aetherinox

Assets 5

07 Aug 03:50

BinaryServ

v14.20.0

61a4abe

v14.20.0

Release Info

Item	Value
_{📄 csf-firewall-v2.0.0-patches.zip}	_{Contains the latest verison of the ConfigServer Firewall patches. View README for instructions; run patch by launching the file ./install.sh.}
_{📄 csf-firewall-v14.20.tgz}	_{Contains the latest verison of the ConfigServer Firewall application. This file is optional to download and is not required if you have already installed CSF on your system.}
_{🕟 Stamp}	_{25ad7e520ed7c2b33150d98281f41f6e006d508a- 🔺 2.0.0-2024-08-07T03:50:37.000Z}
_{📅 Last Release}	_Never

What's New

This release contains the following changes:

ConfigServer Firewall

add: Require all granted to Messenger v3 .htaccess generation
change: normalize source ip during connection tracking for ipv6 comparisons
change: MaxMind URLs now use https
fix: DOCTYPE print order for integrated UI login
fix: regression for imap logon failure detections

Dark Theme

No changes in this release

OpenVPN & Docker Patches

feat: add openvpn patch
feat: add command-line arguments
- add -d, --dev for advanced logging
- add -f, --flush to completely remove iptable rules
- add -v, --version to display patcher version
enhance: docker patch now allows for multiple ip blocks to be whitelisted
refactor: re-write of script
refactor: merge all scripts into one
bug: fixed issue with manual mode being disabled - #1
bug: fixed error "docker network inspect" requires at least 1 argument. - #1
bug: fixed error invalid port/service '-j' error

Repository

docs: rewrite documentation to include better instructions
ci: add workflow to automatically grab latest version of ConfigServer Firewall and append to each release

Statistics

How the files have changed:

Changed files : 24
Changes : 9023
Commits : 68
Additions : 9022
Deletions : 1
PRs (categorized) : 67
PRs (uncategorized) : 1
PRs (open) : 0

Pull Requests

This release is associated with the following pull requests:

🪛 Continuous integration

fix env vars : 469f36b @Aetherinox
remove PLUGIN_VERSION env; auto-generated : f392825 @Aetherinox
update workflow : 7853e59 @Aetherinox
update artifacts : 9b5c862 @Aetherinox

🚀 Features

add manual network adapter : df4b757 @Aetherinox
add docker network ip for each container to csf allow list : 240e2d0 @Aetherinox
add logging for iptable rules added to track what is done #1 : ce1cae1 @Aetherinox
add openvpn patch : 2c5759e @Aetherinox
add --flush, -f to completely wipe iptables : cefc440 @Aetherinox

🐛 Bugfixes

invalid port/service '-j' error : d326d8d @Aetherinox
fix inspect missing argument error #1 : 6ae626a @Aetherinox

🔧 Changes

update structure : cc37036 @Aetherinox
convert ip block to array : ec3c262 @Aetherinox
merge all scripts into one : 97fa330 @Aetherinox
add versioning : 841131b @Aetherinox
auto-install ipset, iptables, csf : b3847b7 @Aetherinox
update patch folder : bc93c85 @Aetherinox
add OS detection : a9aee88 @Aetherinox
update errors : 9c47ff1 @Aetherinox
add openvpn check to patch : 0b2a4b3 @Aetherinox
add openvpn ip pool list for iptable rules : 27ab5c4 @Aetherinox

🧹 Housekeeping

fix formatting : f370322 @Aetherinox

✏️ Docs

clean readme : 2a49262 @Aetherinox
add toc : 637fb7e @Aetherinox
update instructions : a39b644 @Aetherinox
add default username/password : 5fb7595 @Aetherinox
update README : 533d6b0 @Aetherinox

Contributors

Aetherinox

Assets 4

Uh oh!

Releases: Aetherinox/csf-firewall

v15.00

Release Info

What's New

ConfigServer Firewall

Dark Theme

OpenVPN & Docker Patches

Statistics

Pull Requests

🪛 Continuous integration

🚀 Features

🐛 Bugfixes

🔧 Changes

✏️ Docs

Contributors

Uh oh!

v14.24.1

Release Info

What's New

Statistics

Pull Requests

🪛 Continuous integration

🚀 Features

🐛 Bugfixes

🔧 Changes

✏️ Docs

Contributors

Uh oh!

v14.24.0

What's New

ConfigServer Firewall

Dark Theme

OpenVPN & Docker Patches

Uh oh!

v14.22.0

Release Info

What's New

ConfigServer Firewall

Dark Theme

OpenVPN & Docker Patches

Statistics

Pull Requests

📦 Build & Dependencies

Contributors

Uh oh!

v14.21.1

Release Info

What's New

ConfigServer Firewall

Dark Theme

OpenVPN & Docker Patches

Statistics

Pull Requests

🪛 Continuous integration

🐛 Bugfixes

🔧 Changes

📦 Build & Dependencies

Contributors

Uh oh!

v14.21.0

Release Info

What's New

ConfigServer Firewall

Dark Theme

OpenVPN & Docker Patches

Statistics

Pull Requests

🐛 Bugfixes

🔧 Changes

✏️ Docs

Contributors

Uh oh!

v14.20.2

Release Info

What's New

Statistics

Pull Requests

🔧 Changes

✏️ Docs