ConfigServer Security & Firewall (CSF) is an advanced, free, and powerful opensource tool to manage and handle firewall protocols on Linux. You can use the CSF tool to maintain your incoming and outgoing IP addresses on your device. You can also use it to configure the security & firewall settings on a webserver to maintain internet traffic. You can configure the CSF settings with the OpenSSH and SSH server. CSF can be installed and configured on Red Hat Linux, Debian distributions, and most other Cloud-based or Virtual Machines.
Install and Configure CSF on Linux
As I have mentioned earlier that the CSF is open-source software, so it is obvious that the ConfigServer Security & Firewall is highly compatible with Linux. In CSF settings, the interval time is set for five minutes, which means the firewall will erase and start over the CSF configurations in 0-5 minutes since the process is started.
It will help the user to clear all the previous firewall and security settings. The user can allow any IP and port address, disable operations and, restrict any protocol to enter the network. Mostly you can analyze your inbound and outbound networks on your Linux machine through the CSF tool. In this post, we will see how to install and configure CSF on Linux.
Step 1: Install Perl Library Function
Perl programming language was initially created to manage and automate the serial tasks. Later the library function of Perl has been using to make other programs smooth and efficient. In order to install the CSF tool on Linux, we have to install the Perl library function inside our machine. So, now we will install the Perl library on Linux. You can copy and paste the following terminal commands lines given below to get the library on your Debian and Red Hat Linux.
Install Perl Library on Debian Distributions
sudo apt install libwww-perl
Install Perl Library on Red Hat Linux
yum install perl-libwww-perl
Step 2: Download CSF For Linux
Now, it is time to assign a path and download the CSF tool. The assigned path will be the directory where the CSF can be installed on your Linux filesystem. You can assign the path as the source directory of your Linux distribution that is usr/src.
Then run the following wget command to download the CSF tool in the destination folder. The file will be downloaded as a compressed tape archive file (tgz) file. Later you have to extract and install the file on your Linux system.
$ cd /usr/src $ wget https://download.configserver.com/csf.tgz
Now extract the compressed file to make it ready to be installed. You can either extract the file with your favorite zip and unzip tools, or you can use the following terminal command lines on your Linux terminal shell to extract the file.
$ tar xzf csf.tgz $ cd csf
Step 3: Install the CSF Tool on Linux
Once the Perl library function is installed, and the CSF file is downloaded inside the system, you are now ready to install the ConfigServer Security & Firewall in your Linux machine. To install the CSF tool on Linux, we will run the following shell command in the Linux shell. When the installation is successfully done, you will get an ‘Installation Complete’ message on your display.
$ sh install.sh $ perl /usr/local/csf/bin/csftest.pl
Step 4: Remove Other Firewall Settings
In every Linux distributions, there might be a firewall service pre-installed inside your machine. To get started with the ConfigServer Security & Firewall (CSF) on your machine, you need to stop and disable the default firewall service of your Linux system. If you are using the UFW on your Linux machine, use the following terminal command to disable the Uncomplicated Firewall (UFW) on your machine.
$ ufw disable
If your system is using the Firewalld inside the machine, use this terminal command lines to stop and disable the service.
$ systemctl stop firewalld $ systemctl disable firewalld
Step 5: Configure the CSF on Linux
Here comes the basic part of configuring the CSF tool on Linux. After the installation is finished, you can now do a little configuration of the ConfigServer Security & Firewall. You can add and allow ping monitoring, allow the UDP and TCP ports, and set the internet control message protocol (ICMP) in the CSF configuration script.
To do the configuration, you need to open the configuration file of the CSF tool. You can use the Nano script editor to edit and save the configuration settings. Use the following terminal command line to open the configuration script.
$ nano /etc/csf/csf.conf
The basic settings are given below. Feel free to copy and paste the settings.
#Enable CSF TESTING = "0"
# Allow incoming TCP ports
TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995”
# Allow outgoing TCP ports
TCP_OUT = “20,21,22,25,53,80,110,113,443,587,993,995”
# Allow incoming UDP ports
UDP_IN = “20,21,53”
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = “20,21,53,113,123”
# Allow incoming PING
ICMP_IN = “1”
# Set the per IP address incoming ICMP packet rate
# To disable rate limiting set to “0”
ICMP_IN_RATE = “1/s”
# Allow outgoing PING
ICMP_OUT = “1”
Step 6: Getting Started with CSF
After installing and configuring the CSF on your Linux system, you can now get started with the features of Configure ConfigServer Security & Firewall. It’s so simple and easy to maintain the CSF settings that if you are a newbie in Linux, you will be able to run it. Some basic and primary CSF command lines are given below for better understanding. The command lines are the same for all Linux distributions.
Use this command to check the version of CSF.
$ csf -v
Use this command to monitor the iptables
csf -l
Use these terminal command lines to start, restart, and stop the CSF.
service csf start service csf restart service csf stop
Use these command lines to start, restart, stop, and check the status of iptables
iptables start iptables restart iptables stop iptables status
Besides these, you can also block or allow both incoming and outgoing networks on your Linux system through the CSF tool.
Use this command to block any IP address.
csf -d 192.168.0.1
Using the CSF tool, you can block an IP address for a particular time. Don’t forget to mention the time duration in seconds.
Use this command to block an IP address.
csf -td 192.168.0.1 3600
Use this command line to allow IP addresses on your Linux machine.
csf -a 192.168.0.1
Use this command to allow an IP address for a particular time.
csf -ta 192.168.0.1 3600
Use this command line to unblock an IP address.
csf -dr 192.168.0.1 3600
Use this command line to unblock all addresses.
csf -tf
Step 7: Remove CSF from Linux
If earlier you have been using other firewall tools to protect your Linux server, there is a chance that you might want to switch back to your old firewall. You might know that the CSF is actually not used as a firewall in a conventional way. Here is the method, if you want to remove the CSF from your Linux machine. All you need to do is just run the following uninstall shell command in your Linux terminal.
$ /etc/csf/uninstall.sh
Final Words
You must think before you get your firewall configuration, which kind of firewall do you actually need. If necessary, you can get your dedicated hardware firewall, or even a router firewall might work for home users. The firewall is not the ultimate solution for your computer security. It can’t detect viruses and other malicious attacks.
You must know that the CSF tool is not an antivirus, it’s a tool that can protect the network system of your Linux machine. In the entire post, I’ve briefly explained the working mechanism and how to install and use the CSF on the Linux system.
If you have been looking for a tutorial on CSF on Linux, please let us know how much this post helped you. Also, please share this post with your friends and the Linux community. You can write down your opinions in the comment segment. Thank you for visiting Ubuntupit.
