ConfigServer Security & Firewall (csf)
A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
The basic commands include Restarting Services, Allowing IP’s, Blocking IP’s, and Unblocking IP’s, among others. After explaining what the command does, we will show you an example of the CSF Command.
Service Control Commands
Service CSF commands:
Here is a breakdown of the the csf service commands:
service csf [start|stop|restart]
[email protected] [~]# service csf restart
IPtables Commands:
The iptables may also need to be restarted for ‘hung’ rules. If you ever need to restart iptables, make sure you restart CSF afterwards to apply the firewall rules. Below is a breakdown of iptables commands:
iptables {start|stop|restart|condrestart|status|panic|save}
[email protected] [~]# iptables restart
CSF Commands
Block an IP address (permanently):
csf -d ip.add.re.ss
Example:
[email protected] [~]# csf -d 122.33.11.22
Block an IP address (temporarily):
csf -td $ip $duration (duration is how long to block for (default:seconds, can use one suffix of h/m/d)
Example:
[email protected] [~]# csf -td 123.156.78.9 3600
Allow an IP Address:
csf -a $ip
Example:
[email protected] [~]# csf -a 123.156.78.9
Unblock an IP (permanent block):
csf -dr $ip
Example:
[email protected] [~]# csf -dr 123.156.78.9 3600
List temporary blocked IPs and block durations:
[email protected] [~]# csf -t
Remove all temporary IP blocks:
csf -tf
Log all SYN packets from an IP:
csf -w $ip
Congratulations, now you are familiar with the basic CSF commands for Restarting Services, Allowing IP’s, Blocking IP’s, and Unblocking IP’s, among others!
Similar Posts:
- HOW TO BLOCK AN IP ADDRESS ON A LINUX SERVER
- how to install csf on debian
- How To List and Delete Iptables Firewall Rules
- HOW TO INCREASE DENY IP LIMIT IN CSF FIREWALL
- CSF: disable icmp ping