Step 1 – Install packages
$ sudo yum install perl-GDGraph perl-libwww-perl -y $ sudo yum install perl-libwww-perl net-tools perl-LWP-Protocol-https -y $ sudo yum install perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch -y $ sudo yum install perl-IO-Socket-SSL.noarch perl-Net-SSLeay perl-Net-LibIDN perl-IO-Socket-INET6 perl-Socket6 -y
Step 2 – Install CSF
$ wget https://download.configserver.com/csf.tgz $ tar -zxvf csf.tgz $ cd csf $ sudo ./install.sh
Step 3 – Config CSF
$ sudo vi /etc/csf/csf.conf [...] TESTING = "0" [...] # 0 = Allow those options listed above to be used and configured # 1 = Disable all the options listed above and prevent them from being used # 2 = Disable only alerts about this feature and do nothing else # 3 = Restrict syslog/rsyslog access to RESTRICT_SYSLOG_GROUP ** RECOMMENDED ** RESTRICT_SYSLOG = "3" [...] # Allow incoming TCP ports TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995" # Allow outgoing TCP ports TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995" # Allow incoming UDP ports UDP_IN = "20,21,53" # Allow outgoing UDP ports # To allow outgoing traceroute add 33434:33523 to this list UDP_OUT = "20,21,53,113,123,33434:33523" [...] ST_ENABLE = "1" ST_IPTABLES = "100" ST_SYSTEM = "1" ST_SYSTEM_MAXDAYS = "30" ST_APACHE = "1" ST_DISKW = "1" ST_DISKW_FREQ = "1" [...] UI = "1" UI_IP = "" UI_USER = "ngadimin" UI_PASS = "CSF@2018*234#" UI_ALLOW = "1" UI_BLOCK = "1" [...] $ sudo vi /etc/csf/ui/ui.allow 103.xxx.xxx.xxx # gateway / ip public client remote
Step 4 – Restart CSF
$ sudo systemctl enable csf $ sudo systemctl enable lfd $ sudo systemctl restart csf $ sudo systemctl restart lfd
Step 5 – CSF usage
To see list of rules. $ sudo csl -l To restart CSF. $ sudo csf -r Add Block IP $ sudo csf -d <IP> Deny removal $ sudo csf -dr <IP> Add Allow IP $ sudo csf -a <IP> Allow removal $ sudo csf -ar <IP>