How To Install & Configure CSF Firewall in CentOS 7

Steps to install and configure the CSF tool on CentOS 7 Linux systems.

What is CSFCSF?

Config Server Firewall is a set of applications that have been developed to offer firewall-level solutions for Linux environments.

CSF has technology that detects not due accesses using protocols such as SSH, SMTP, IMAP, Pop3 or the already known, although not protocol, its to access as super users.

Step 1: Install CSF Dependencies

First of all, it will be necessary to install specific dependencies such as Perl since CSF is based on it.

We will execute the following in CentOS 7:

yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes

Step 2: Install CSF

Once the dependencies have been downloaded and installed, we will go to the /usr/src/ directory, entering the following: cd/usr/src/

Now we will install CSF by executing the following line:

wget https://download.configserver.com/csf.tgz

Once downloaded, we will extract the content by running the following:

tar -xzf csf.tgz

We access the csf directory:

cd csf

We will install the content by executing the following:

sh install.sh

To verify that CSF works appropriately in CentOS 7 we will run the following commands:

cd /usr/local/csf/bin/perl csftest.pl

The result will be similar to this:

Step 3: Configure CSF

Once we check that CSF works correctly, it is time to configure it in the system.

The first step is to stop the default firewall service in CentOS 7 using the following command:

systemctl stop firewalld

Now we disable the automatic start of firewalld in the CentOS 7 boot using this command:

systemctl disable firewalld

To configure CSF, we must go to the next path /etc/csf using the preferred editor.

For this we will use the following commands:

cd /etc/csf/
nano csf.conf

There we will modify the TESTING line from the value 1 to 0 :

We save the changes using the keys Ctrl + O, and we exit the editor using the keys Ctrl + X.

By default, CSF enables incoming and outgoing traffic through SSH port 22; if we want to edit another port from this file, we can do it.

Some of the most common ports to use are:

  • Port 21: FTP Control
  • Port 22: SSH
  • Port 20: FTP data transfer
  • Port 25: SMTP
  • Port 53. DNS
  • Port 80: HTTP
  • Port 123: NTP
  • Port 443: HTTPS
  • Port 587: SMTP
  • Port 995. POP3S

Now we must start the CSF and LFD services by executing the following commands:

systemctl start csfsystemctl start lfd

To know the default CSF rules, we will run the following command:

csf –l

Thanks to CSF we will be able to keep accurate, real-time and reliable control of everything that happens within CentOS 7 and thus manage each system value with greater confidence.

Similar Posts

One Comment

  1. Excellent tutorial, it worked well. The only difference I experienced is that the CSF Perl files are no longer in a /perl/ directory, they are just inside /usr/local/csf/bin/

Leave a Reply

Your email address will not be published. Required fields are marked *