apt-get autoremove --purge ufw
apt-get install unzip libwww-perl
wget http://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
perl /usr/local/csf/bin/csftest.pl
#trust ip
nano /etc/csf/csf.ignore
csf -r && service lfd restart
Webmin > Webmin Configuration > Webmin Modules > From local file > /etc/csf/csfwebmin.tgz > Install Module
csfpre.sh: To run external commands before csf configures iptables
csfpost.sh: To run external commands after csf configures iptables
| Command |
Description |
Example |
| csf -s |
Start the firewall rules |
root@server[~]#csf -s |
| csf -f |
Flush/Stop firewall rules (note: lfd may restart csf)
|
root@server[~]#csf -f |
| csf -r |
Restart the firewall rules |
root@server[~]#csf -r |
| csf -a [IP.add.re.ss] [comment] |
Allow an IP and add to /etc/csf/csf.allow
|
root@server[~]#csf -a 187.33.3.3 Home IP Address |
| csf -tr [IP.add.re.ss] |
Remove an IP from the temporary IP ban or allow list.
|
root@server[~]#csf -tr 66.192.23.1 |
| csf -tf |
Flush all IPs from the temporary IP entries
|
root@server[~]#csf -tf |
| csf -d [IP.add.re.ss] [comment] |
Deny an IP and add to /etc/csf/csf.deny |
root@server[~]#csf -d 66.192.23.1 Blocked This Guy |
| csf -dr [IP.add.re.ss] |
Unblock an IP and remove from /etc/csf/csf.deny |
root@server[~]#csf -dr 66.192.23.1 |
| csf -df |
Remove and unblock all entries in /etc/csf/csf.deny |
root@server[~]#csf -df |
| csf -g [IP.add.re.ss] |
Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number) |
root@server[~]#csf -g 66.192.23.1 |
| csf -t |
Displays the current list of temporary allow and deny IP entries with their TTL and comment |
root@server[~]#csf -t |
