Useful CSF commands in Linux
Useful CSF commands in Linux
CSF, a firewall application suite for Linux servers. CSF is also a Login/Intrusion Detection for applications like SSH, SMTP, IMAP, Pop3, the “su” command etc,.
It also checks for login authentication failures on mail servers (Exim, IMAP, Dovecot, uw-imap, Kerio), OpenSSH servers, Ftp servers (Pure-ftpd, vsftpd, Proftpd), cPanel server. CSF is a good security solution for hosting servers and can be integrated into the user interface (UI) of WHM/cPanel, DirectAdmin, and Webmin control panels.

Useful CSF commands in Linux
For installing CSF (Config Server Firewall) on Centos
Here, we can see some useful csf commands with definitions
ATTRIBURE | OPTIONS | DESCRIPTION |
---|---|---|
-h | --help | Show help message |
-l | --status | List/Show the IPv4 iptables configuration |
-l6 | --status6 | List/Show the IPv6 ip6tables configuration |
-s | --start | Start the firewall rules |
-f | --stop | Flush/Stop firewall rules (Note: lfd may restart csf) |
-r | --restart | Restart firewall rules (csf) |
-q | --startq | Quick restart (csf restarted by lfd) |
-sf | --restartall | Restart firewall rules (csf) and then restart lfd daemon. Both csf and then lfd should be restarted after making any changes to the configuration files |
--lfd | [stop|start|restart|status] | Actions to take with the lfd daemon |
-a | --add ip [comment] | Allow an IP and add to /etc/csf/csf.allow |
-ar | --addrm ip | Remove an IP from /etc/csf/csf.allow and delete rule |
-d | --deny ip [comment] | Deny an IP and add to /etc/csf/csf.deny |
-dr | -denyrm ip | Unblock an IP and remove from /etc/csf/csf.deny |
-df | --denyf | Remove and unblock all entries in /etc/csf/csf.deny |
-g | --grep ip | Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number) |
-i | --iplookup ip | Lookup IP address geographical information using CC_LOOKUPS setting in /etc/csf/csf.conf |
-t | --temp | Displays the current list of temporary allow and deny IP entries with their TTL and comment |
-tr | --temprm ip | Remove an IP from the temporary IP ban or allow list |
-td | --tempdeny ip ttl [-p port] [-d direction] [comment] | Add an IP to the temp IP ban list. ttl is how long to blocks for (default:seconds, can use one suffix of h/m/d). Optional port. Optional direction of block can be one of: in, out or inout (default:in) |
-ta | --tempallow ip ttl [-p port] [-d direction] [comment] | Add an IP to the temp IP allow list (default:inout) |
-tf | --tempf | Flush all IPs from the temporary IP entries |
-cp | --cping | PING all members in an lfd Cluster |
-cg | --cgrep ip | Requests the --grep output for IP from each member in an lfd Cluster |
-cd | --cdeny ip [comment] | Deny an IP in a Cluster and add to each remote /etc/csf/csf.deny |
-ctd | --crm ip | Unblock an IP in a Cluster and remove from each remote /etc/csf/csf.deny and temporary list |
-ca | --callow ip [comment] | Allow an IP in a Cluster and add to each remote /etc/csf/csf.allow |
-cta | --ctempallow ip ttl [-p port] [-d direction] [comment] | Add an IP in a Cluster to the temp IP allow list (default:in) |
-car | --carm ip | Remove allowed IP in a Cluster and remove from each remote /etc/csf/csf.allow and temporary list |
-ci | --cignore ip [comment] | Ignore an IP in a Cluster and add to each remote . /etc/csf/csf.ignore. Note: This will result in lfd being restarted |
-cc | --cconfig [name] [value] | Change configuration option [name] to [value] in a Cluster |
-cf | --cfile [file] | Send [file] in a Cluster to /etc/csf/ |
-crs | --crestart | Cluster restart csf and lfd |
--trace | [add|remove] ip | Log SYN packets for an IP across iptables chains. Note, this can create a LOT of logging information in /var/log/messages so should only be used for a short period of time. This option requires the iptables TRACE module and access to the raw PRE-ROUTING chain to function |
-m | --mail [email] | Display Server Check in HTML or email to [email] if present |
--rbl | [email] | Process and display RBL Check in HTML or email to [email] if present |
-lr | --logrun | View ports on the server that have a running process behind them listening for external connections |
--graphs | [graph type] [directory] | Generate System Statistics html pages and images for a given graph type into a given directory. |
--profile | --profile [command] [profile|backup] [profile|backup] | Configuration profile functions for /etc/csf/csf.conf. You can create your own profiles using the examples provided in /usr/local/csf/profiles/. The profile reset_to_defaults.conf is a special case and will always be the latest default csf.conf |
--cloudflare | --cloudflare [command] | Commands for interacting with the CloudFlare firewall. |
-c | --check | Check for updates to csf but do not upgrade |
-u | --update | Check for updates to csf and upgrade if available |
-uf | Force an update of csf whether and upgrade is required or not | |
-x | --disable | Disable csf and lfd completely |
-e | --enable | Enable csf and lfd if previously disabled |
-v | --version | Show csf version |
Hope this article helps your need, Please share your valuable comments to improve us.
To know about cron jobs : Click here
Nice post.
Thanks for sharing the knowledge