inside the mind of a linux admin

How to install CSF Firewall on CentOS 7

ConfigServer (CSF) is advanced open-source firewall for Linux. If you are like me, I don’t really care much for the native firewalld that’s included with RHEL7 releases, and I’ve used APF for years which is basically just a frontend for iptables.

Here’s instructions on how to install it:

1. Disable firewalld

systemctl stop firewalld
systemctl disable firewalld
systemctl mask firewalld

2. Install iptables

yum -y install iptables-services
touch /etc/sysconfig/iptables
touch /etc/sysconfig/ip6tables

3. Start and enable the iptables service

systemctl start iptables
systemctl start ip6tables

systemctl enable iptables
systemctl enable ip6tables

4. Install CSF and its dependencies

yum -y install perl perl-libwww-perl net-tools wget perl-GDGraph perl-LWP-Protocol-https
cd /opt
tar xzf csf.tgz
cd /opt/csf
cd /etc/csf
rm -rf /opt/csf

5. Test your kernel modules to ensure everything is OK

perl /usr/local/csf/bin/

That’s it, you’re done!

You now have a working CSF installation on your server. You should now know the basics on how to configure it. A good place to start is the config file, located at /etc/csf/csf.conf

For more information, please read the full README file available from the vendor’s website.

Related Posts

synergy: How to enable crypto (encryption) and generate SSL certificate

The newer Linux versions of the popular mouse/keyboard sharing application “synergy” now has built in encryption. Here’s how to configure it: Just simply passing the –enable-crypto flag on your synergy server without having a proper SSL certificate will result in the inability to connect to clients and generate an error message similar to this in […]

Read More

Change Number Pad Delete (dot) key from a comma in Ubuntu Linux

I recently purchased a new keyboard and updated to the latest Ubuntu, I’m also an avid user of the number pad for quick input when dealing with spreadsheets or accounting. I found that my num pad’s delete key (“.”) was outputting a comma (“,”) instead. Pretty annoying? I agree, but this can be very easily […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.