Centos ConfigServer Security & Firewall

Download latest CSF & LFD from https://download.configserver.com/csf.tgz, extract it and install it:

# wget https://download.configserver.com/csf.tgz 

# tar -xzf csf.tgz

# cd csf

# ./install.sh

Test CSF & LFD installation

Testing

# perl /usr/local/csf/bin/csftest.pl

Testing ip_tables/iptable_filter...OK

Testing ipt_LOG...OK

Testing ipt_multiport/xt_multiport...OK

Testing ipt_REJECT...OK

Testing ipt_state/xt_state...OK

Testing ipt_limit/xt_limit...OK

Testing ipt_recent...OK

Testing xt_connlimit...OK

Testing ipt_owner/xt_owner...OK

Testing iptable_nat/ipt_REDIRECT...OK

Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server

Remove other firewall that may conflict by running script

# /usr/local/csf/bin/remove_apf_bfd.sh

Removing apf and/or bfd...

/usr/local/csf/bin/remove_apf_bfd.sh: line 5: apf: command not found

error reading information on service apf: No such file or directory

error reading information on service apf: No such file or directory

...Done

Removing "Testing" mode

# vi /etc/csf/csf.conf

...

TESTING = "0"

...

Block country by adding 2 letters country code in csf.conf and restart

# vi /etc/csf/csf.conf

...

CC_DENY = "CN,VN"

...

# csf -r

Country code can be found https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2

References:

• https://download.configserver.com/csf/install.txt