In this article, we will learn list of CSF Firewall commands.
ConfigServer Security & Firewall (it is also called csf in short) is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
To complement the ConfigServer Firewall (csf), is developed a Login Failure Daemon (lfd) process that runs all the time and periodically (every X seconds) scans the latest log file entries for login attempts against your server that continually fail within a short period of time. Such attempts are often called “Brute-force attacks” and the daemon process responds very quickly to such patterns and blocks offending IP’s quickly.
Let’s get started.
1. To get help/list options
# csf –help
2. Enable CSF
# csf -e
3. Disable CSF
# csf -x
4. Restart CSF (IPtables rules)
# csf -r
5. Restart CSF/LFD (iptables rules and LFD service)
# csf -ra
6. Restart LFD only
# systemctl restart lfd
7. Check blocked IP reason
# csf -g [IP Address]
8. Block IP (Permanently)
# csf -d [IP Address]
9. Block IP (temporarily for 24 hours, define in seconds)
# csf -td [IP Address] 86400
10. Unblock IP
# csf -dr [IP Address]
11. Whitelist IP range /24
# csf -a [IP Address]/24
12. Whitelist (temporarily) IP range /24 for 24 hours
# csf -ta [IP Address]/24 86400
13. Remove all temporary IP blocks
# csf -tf
14. Remove all permanent IP blocks
# csf -df
There are many more commands, we have covered few of them.
We have seen list of CSF Firewall commands.
[Need assistance to fix this error or install tools? We’ll help you.]