Monday, January 23, 2017

Centos ConfigServer Security & Firewall

Download latest CSF & LFD from https://download.configserver.com/csf.tgz, extract it and install it:
# tar -xzf csf.tgz
# cd csf
# ./install.sh
Test CSF & LFD installation
Testing
# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf should function on this server

Remove other firewall that may conflict by running script
# /usr/local/csf/bin/remove_apf_bfd.sh
Removing apf and/or bfd...
/usr/local/csf/bin/remove_apf_bfd.sh: line 5: apf: command not found
error reading information on service apf: No such file or directory
error reading information on service apf: No such file or directory
...Done

Removing "Testing" mode
# vi /etc/csf/csf.conf
...
TESTING = "0"
...

Block country by adding 2 letters country code in csf.conf and restart
# vi /etc/csf/csf.conf
...
CC_DENY = "CN,VN"
...
csf -r
Country code can be found here 
References:

No comments:

Post a Comment