How to Install ConfigServer Security & Firewall (CSF) in RHEL,CentOS

In this article we explains How to Install ConfigServer Security & Firewall (CSF) in RHEL,CentOS 

CSF is an open source Stateful Packet Inspection (SPI) iptables firewall that is straight-forward, easy and flexible to configure and secure with extra checks to ensure smooth operation.

CSF Provides lots of features, Some of them are,
  • Login Tracking
  • Script Email Alerts
  • Process Tracking
  • Directory Watching
  • Advanced Allow/Deny Filters
  • Multiple Ethernet Devices
  • Messenger Service (v1 and v2)
  • Block Reporting
  • Port Flood Protection
  • External Pre- and Post- Scripts
  • lfd Clustering
  • Port Knocking
  • Port/IP address Redirection
  • IP Block Lists

Directory structure:

/etc/csf/                - configuration files
/var/lib/csf/          - temporary data files
/usr/local/csf/bin/ - scripts
/usr/local/csf/lib/  - perl modules and static data
/usr/local/csf/tpl/  - email alert templates


Perl modules are required for install csf firewall.

                # yum install perl-libwww-perl


Step 1: Download CSF Firewall from

            #  wget

Step 2: Extract CSF package

           # tar -zxvf csf.tgz

Step 3: Install CSF Package

           # chmod +x

           # ./

The port details above are for information only, csf hasn't been auto-configured.

Don't forget to:

1. Configure the following options in the csf configuration to suite your server: TCP_*, UDP_*, IPV6, TCP6_*, UDP6_*
2. Restart csf and lfd
3. Set TESTING to 0 once you're happy with the firewall, lfd will not run until you do so

csf.conf : The main configuration
csf.allow : The list of allowed IP addresses
csf.deny : The list of denied IP addresses
csf.ignore : The list of ignored IP addresses


The default csf configuration file is /etc/csf/csf.conf. You can edit this file as per your requirements. you can disable Testing mode by changing variable TESTING = "1" to TESTING = "0"

Start CSF

            # service csf start

            # chkconfig csf on

Reload CSF firewall

           # csf -r

List default rules

         # csf -l

Start the CSF firewall

          # csf -s

Stop the CSF firewall

         # csf -f

Allow IP Address

If you want to allow an ip address, open /etc/csf/allow.csf and add that ip address

           # vim /etc/csf/csf.allow


         # csf -a

Block IP Address

If you want to block an ip address, open /etc/csf/deny.csf and add that ip address

            # vim /etc/csf/csf.deny


           # csf -d

Delete IP from csf.allow and csf.deny file through command

If you want to delete IP from csf.allow and csf.deny file, just run the following command:

                  # csf -ar

                  # csf -dr

Uninstall CSF Firewall

To uninstall csf firewall, go to /etc/csf/ directory and run following command

# ./

For more information, Please refer csf readme

Source :

No comments:

Powered by Blogger.