CSF Firewall

From Wiki
Revision as of 15:24, 20 June 2024 by Qljca (talk | contribs) (Created page with "==Installation== <pre> cd /usr/local/src wget https://configserver.com/free/csf.tgz tar xfz csf.tgz cd csf ./install.cpanel.sh </pre> After installation, need to disable Testing mode. You can disable the testing flag by changing the value for TESTING from 1 to 0 in the configuration file /etc/csf/csf.conf using an editor like vi. <pre>vi etc/csf/csf.conf</pre> ==Log== <pre>/var/log/lfd.log</pre> ==Status== <pre> service lfd status service csf status </pre> ==Enable...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Installation

cd /usr/local/src
wget https://configserver.com/free/csf.tgz
tar xfz csf.tgz
cd csf
./install.cpanel.sh

After installation, need to disable Testing mode. You can disable the testing flag by changing the value for TESTING from 1 to 0 in the configuration file /etc/csf/csf.conf using an editor like vi. 

vi etc/csf/csf.conf


Log

/var/log/lfd.log

Status

service lfd status 
service csf status

Enable/disable/restart

Enable: csf -e
Disable: csf -x
Restart: csf -r

Check IP in firewall

csf -g IP

Whitelist an IP Address

csf -a IP

Block an IP address

csf -d IP

Unblock IP address

csf -dr IP

Allow IP temporarily

csf -ta ip ttl
csf -r

Example: csf -ta 3600
This will allow IP address for 60 minutes.

Configure SMTP

SMTP_BLOCK = "1"
SMTP_ALLOWLOCAL = "1"
SMTP_PORTS = "25,26"
SMTPAUTH_LOG = "/var/log/exim_mainlog"
Retrieved from "https://workwiki.in/index.php?title=CSF_Firewall&oldid=178"