CSF : It is the abbreviation of Config Server Security & Firewall. CSF is for configuring or managing your server firewall easily and simply. Here is some useful steps to Install , configure and uninstall csf on server with CentOS.
SSH to your server and do the following steps as root user.
Step 1: Downloading csf package.
rm -fv csf.tgz wget http://www.configserver.com/free/csf.tgz
Step 2: Remove already installed firewall settings
Execute the following command to remove already installed firewall like APF (Advanced Policy Firewall) or BFD (Brute Force Detection) from server.
[root@server #] sh /tmp/csf/remove_apf_bfd.sh
Step 3: Installation
[root@server #] tar -xzf csf.tgz [root@server #] cd csf [root@server #] sh install.sh
You will get an output like below pasted if that was a successful installation.
---------------------------- ---------------------------- *WARNING* TESTING mode is enabled - do not forget to disable it in the configuration `/etc/csf/csfwebmin.tgz' -> `/usr/local/csf/csfwebmin.tgz' Installation Completed
Then, check whether your server have required IP tables modules by using the following command.
[root@server #] perl /usr/local/csf/bin/csftest.pl
Step 4: Configure CSF
Once the installation process is completed we need to enable the csf to work it properly. ‘csf -e’[csf -x for disabling csf] command is using to enable csf on server.
[root@server csf]# csf -e Starting lfd:[ OK ] csf and lfd have been enabled *WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
The ‘csf -e’ output sounds, the csf is configured in testing mode on your server. You need to edit the conf file for enabling it.
[root@server #] vim /etc/csf/csf.conf Then change the value of 'TESTING' from 1 to 0
Important configuration options
All cofiguration options are located under the directory “/etc/csf” . Some usefull and importent configuration files are listed below.
csf.conf : Configuration file for controlling CSF. csf.allow : Allowed IP’s and CIDR addresses list on the firewall. csf.deny : Denied IP’s and CIDR addresses list on the firewall. csf.ignore : Ignored IP’s and CIDR addresses list on the firewall. csf.*ignore : The list of various ignore files of users, IP’s.
Removing csf and lfd is even more simple:
cd /etc/csf sh uninstall.sh