basic csf commands

5
(3)

ConfigServer Security & Firewall (csf)

A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.

The basic commands include Restarting ServicesAllowing IP’sBlocking IP’s, and Unblocking IP’s, among others. After explaining what the command does, we will show you an example of the CSF Command.

Service Control Commands

Service CSF commands:

Here is a breakdown of the the csf service commands:

service csf [start|stop|restart]
[email protected] [~]# service csf restart

IPtables Commands:

The iptables may also need to be restarted for ‘hung’ rules. If you ever need to restart iptables, make sure you restart CSF afterwards to apply the firewall rules. Below is a breakdown of iptables commands:

iptables {start|stop|restart|condrestart|status|panic|save}
[email protected] [~]# iptables restart

CSF Commands

Block an IP address (permanently):

csf -d ip.add.re.ss

Example:

[email protected] [~]# csf -d 122.33.11.22

Block an IP address (temporarily):

csf -td $ip $duration (duration is how long to block for (default:seconds, can use one suffix of h/m/d)

Example:

[email protected] [~]# csf -td 123.156.78.9 3600

Allow an IP Address:

csf -a $ip

Example:

[email protected] [~]# csf -a 123.156.78.9

Unblock an IP (permanent block):

csf -dr $ip

Example:

[email protected] [~]# csf -dr 123.156.78.9 3600

List temporary blocked IPs and block durations:

[email protected] [~]# csf -t

Remove all temporary IP blocks:

csf -tf

Log all SYN packets from an IP:

csf -w $ip

Congratulations, now you are familiar with the basic CSF commands for Restarting ServicesAllowing IP’sBlocking IP’s, and Unblocking IP’s, among others!

Similar Posts:

562

How useful was this post?

Click on a star to rate it!

Average rating 5 / 5. Vote count: 3

No votes so far! Be the first to rate this post.

Scroll to Top
Scroll to Top