Advertisement Area

Useful CSF commands in Linux

Useful CSF commands in Linux

CSFa firewall application suite for Linux servers. CSF is also a Login/Intrusion Detection for applications like SSH, SMTP, IMAP, Pop3, the “su” command etc,.

It also checks for login authentication failures on mail servers (Exim, IMAP, Dovecot, uw-imap, Kerio), OpenSSH servers, Ftp servers (Pure-ftpd, vsftpd, Proftpd), cPanel server. CSF is a good security solution for hosting servers and can be integrated into the user interface (UI) of WHM/cPanel, DirectAdmin, and Webmin control panels.

Useful CSF commands in Linux

Useful CSF commands in Linux

For installing CSF (Config Server Firewall) on Centos

Here, we can see some useful csf commands with definitions

ATTRIBUREOPTIONSDESCRIPTION
-h--helpShow help message
-l--statusList/Show the IPv4 iptables configuration
-l6--status6List/Show the IPv6 ip6tables configuration
-s--startStart the firewall rules
-f--stopFlush/Stop firewall rules (Note: lfd may restart csf)
-r--restartRestart firewall rules (csf)
-q--startqQuick restart (csf restarted by lfd)
-sf--restartallRestart firewall rules (csf) and then restart lfd daemon. Both
csf and then lfd should be restarted after making any changes to the configuration files
--lfd[stop|start|restart|status]Actions to take with the lfd daemon
-a--add ip [comment]Allow an IP and add to /etc/csf/csf.allow
-ar--addrm ipRemove an IP from /etc/csf/csf.allow and delete rule
-d--deny ip [comment]Deny an IP and add to /etc/csf/csf.deny
-dr-denyrm ipUnblock an IP and remove from /etc/csf/csf.deny
-df--denyfRemove and unblock all entries in /etc/csf/csf.deny
-g--grep ipSearch the iptables and ip6tables rules for a match (e.g. IP,
CIDR, Port Number)
-i--iplookup ipLookup IP address geographical information using CC_LOOKUPS setting in /etc/csf/csf.conf
-t--tempDisplays the current list of temporary allow and deny IP entries
with their TTL and comment
-tr--temprm ipRemove an IP from the temporary IP ban or allow list
-td--tempdeny ip ttl [-p port] [-d direction] [comment]Add an IP to the temp IP ban list. ttl is how long to blocks for (default:seconds, can use one suffix of h/m/d). Optional port. Optional direction of block can be one of: in, out or inout (default:in)
-ta--tempallow ip ttl [-p port] [-d direction] [comment]Add an IP to the temp IP allow list (default:inout)
-tf--tempfFlush all IPs from the temporary IP entries
-cp--cpingPING all members in an lfd Cluster
-cg--cgrep ipRequests the --grep output for IP from each member in an lfd Cluster
-cd--cdeny ip [comment]Deny an IP in a Cluster and add to each remote /etc/csf/csf.deny
-ctd--crm ipUnblock an IP in a Cluster and remove from each remote /etc/csf/csf.deny and temporary list
-ca--callow ip [comment]Allow an IP in a Cluster and add to each remote
/etc/csf/csf.allow
-cta--ctempallow ip ttl [-p port] [-d direction] [comment]Add an IP in a Cluster to the temp IP allow list (default:in)
-car--carm ipRemove allowed IP in a Cluster and remove from each remote /etc/csf/csf.allow and temporary list
-ci--cignore ip [comment]Ignore an IP in a Cluster and add to each remote .
/etc/csf/csf.ignore. Note: This will result in lfd being restarted
-cc--cconfig [name] [value]Change configuration option [name] to [value] in a Cluster
-cf--cfile [file]Send [file] in a Cluster to /etc/csf/
-crs--crestartCluster restart csf and lfd
--trace[add|remove] ipLog SYN packets for an IP across iptables chains. Note, this can create a LOT of logging information in /var/log/messages so should only be used for a short period of time. This option requires the iptables TRACE module and access to the raw PRE-ROUTING chain to function
-m--mail [email]Display Server Check in HTML or email to [email] if present
--rbl[email]Process and display RBL Check in HTML or email to [email] if present
-lr--logrunView ports on the server that have a running process behind them listening for external connections
--graphs[graph type] [directory]Generate System Statistics html pages and images for a given graph type into a given directory.
--profile--profile [command] [profile|backup] [profile|backup]Configuration profile functions for /etc/csf/csf.conf. You can create your own profiles using the examples provided in /usr/local/csf/profiles/. The profile reset_to_defaults.conf is a special case and will always be the latest default csf.conf
--cloudflare--cloudflare [command]Commands for interacting with the CloudFlare firewall.
-c--checkCheck for updates to csf but do not upgrade
-u--updateCheck for updates to csf and upgrade if available
-ufForce an update of csf whether and upgrade is required or not
-x--disableDisable csf and lfd completely
-e--enableEnable csf and lfd if previously disabled
-v--versionShow csf version

Hope this article helps your need, Please share your valuable comments to improve us.

To know about  cron jobs : Click here

 

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

Advertisement Area