CSF CLI (Command Line Interface) Cheat Sheet


Useful CSF SSH Command Line Commands in a “cheat sheet” format.

csf -sStart the firewall rulesroot@server[~]#csf -s
csf -fFlush/Stop firewall rules (note: lfd may restart csf)root@server[~]#csf -f
csf -rRestart the firewall rulesroot@server[~]#csf -r
csf -a [IP.add.re.ss] [comment]Allow an IP(allow access to all ports) and add to /etc/csf/csf.allowroot@server[~]#csf -a Home IP Address
csf -tr [IP.add.re.ss]Remove an IP from the temporary IP ban or allow list.root@server[~]#csf -tr
csf -tfFlush all IPs from the temporary IP entriesroot@server[~]#csf -tf
csf -d [IP.add.re.ss] [comment]Deny an IP and add to /etc/csf/csf.denyroot@server[~]#csf -d Blocked This Guy
csf -dr [IP.add.re.ss]Unblock an IP and remove from /etc/csf/csf.denyroot@server[~]#csf -dr
csf -dfRemove and unblock all entries in /etc/csf/csf.denyroot@server[~]#csf -df
csf -g [IP.add.re.ss]Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number)root@server[~]#csf -g
csf -t Displays the current list of temporary allow and deny IP entries with their TTL and commentroot@server[~]#csf -t

Configuration location is in the folder /etc/csf/

Main configuration file: /etc/csf/csf.conf

EXTRA Command line

Enable CSF Firewall: # csf -e

Disable CSF Firewall: # csf -x

Restart CSF/LFD Firewall (iptables rules and LFD service): #csf -ra

Restart LFD only: # service lfd restart

Check blocked IP reason (replace IP with the IP address): # csf -g IP grep “IP” /var/log/lfd.log

Block IP (temporarily for 24 hours, define in seconds): #csf -td IP 86400

Whitelist IP (allow access to all ports): #csf -a IP

Whitelist IP range /24 (allow access to all ports): #csf -a

Whitelist (temporarily) IP range /24 for 24 hours (allow access to all ports, define in seconds): #csf -ta 86400

Remove all temporary IP blocks: #csf -tf

and many more…

Similar Posts:


How useful was this post?

Click on a star to rate it!

Average rating 5 / 5. Vote count: 2

No votes so far! Be the first to rate this post.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top