What is CSF?
Config Server Firewall is a free and advanced firewall for most Linux Distributions and Linux based VPS. In addition to the basic functionality of firewall, it provides other security features such as login, intrusion, nd detections. It helps in locking down public access and to restrict what can be accessed like only e-mails or only websites, etc. To add more power to this, it comes with a Login Failure Daemon (LFD) script. It runs all the time to scan for failed attempts to login to the server to detect bruteforce-attacks. If a huge number of failed logins are appearing from that IP, LFD also blocks IPs. The block is temporary. It also allows the admin to view the blocked IP by enabling an email alert service.
CSF Commands used to handle IP:
CSF (Config Server Firewall) uses some commands to handle the IP. Those commands are listed below .
# csf-s – Starts the firewall rules.
# csf-f – Stops the firewall rules.
# csf-r – Restarts the firewall rules.
# csf-a [Ip address] – Allows or Unblock an IP and add to /etc/csf/csf.allow
# csf-tr [Ip address] – Removes an IP from the temporary IP ban or allow list.
# csf-tf – Flush all IP’s from temporary IP entries.
# csf-d[Ip address] – Denies an IP and add to /etc/csf/csf.deny
# csf-dr[Ip address] – Unblock an IP and remove from /etc/csf/csf.deny
# csf-df – Remove and unblock all entries in /etc/csf/csf.deny
# csf-g[Ip address] – Search the iptables and ip6tables rules for a match.
# csf-t – Displays the current list of temporary allow and denies IP entries with their TTL.