Skip to content
Business IT Services, Support Melbourne
  • IT Services
    • Managed IT Services
    • Cloud Services
    • Microsoft 365 Managed Service
    • IT Consulting Services
    • Remote IT Support
    • Business Communication
      • Get started with 3CX
  • Industries
    • Accounting Firms
    • Law Firms
    • Realestate
    • Medical Centres
    • Pharmacies
    • Conveyancing Firms
  • Cybersecurity
    • SaaS Security
    • Assessment
    • The Essential Eight
      • Quick Assessment
    • Playbooks
    • Computer Security Threats
  • Remote IT Support
    • TeamViewer Windows
    • TeamViewer Mac
    • TeamViewer Linux
Get in Touch

Windows

23
  • Command and PowerShell History
  • How to increase the disk size of VM in VirtualBox
  • Saved Windows Credentials
  • View installed software using wmic
  • How to Disable Revocation Check for SSTP VPN
  • Enabling Group Policy editor on Windows 10 Home
  • Source file names are larger than supported file system
  • How to change file creation or modified date
  • Another account from your organisation is already signed in
  • How to check if Microsoft Defender for Endpoint is running
  • Disabling Office 365 Autodiscover – Exchange Self hosted
  • Access to Removable Drives not Protected by BitLocker
  • The Group Policy settings for BitLocker startup options are in conflict and cannot be applied
  • How do you extend a User Profile Disk
  • Resizing User Virtual Disk RDP (Esxi VM)
  • Essential Network Ports for Windows Services
  • Why does OneDrive keep duplicating files
  • Troubleshooting USB devices
  • Download Maps Manager Delayed Start Red in Server 2016
  • Pros and cons working with DNS, DHCP, IPAM, Wireless, LAN, WAN
  • What is a DHCP Servers and DHCP relays
  • How to find user profile disk from registry
  • Understanding Multi-Factor Authentication
Linux

Linux

8
  • Rsync linux
  • CSF Shell Command
  • mysql-8.0-gpg package error
  • Linux Exim Cheat sheet
  • csf configserv commands
  • Nmap cheat sheet
  • nmap
  • Windows Privilege Escalation

Networking

4
  • Cannot access FortiGate web GUI admin interface
  • How to find Fortinet PSK
  • Pros and cons working with DNS, DHCP, IPAM, Wireless, LAN, WAN
  • Disabling SIP ALG on FortiGate Firewall

General IT Support

12
  • TPM has malfunction error 80090016 keyset does not exist
  • Command and PowerShell History
  • How to increase the disk size of VM in VirtualBox
  • Saved Windows Credentials
  • View installed software using wmic
  • How to improve the WIFI coverage in the office
  • Best Practices for Data Backup and Recovery
  • How to change file creation or modified date
  • How to sync a SharePoint site with OneDrive
  • Cannot access FortiGate web GUI admin interface
  • Pros and cons working with DNS, DHCP, IPAM, Wireless, LAN, WAN
  • What is a DHCP Servers and DHCP relays

Network Connectivity

4
  • How to improve the WIFI coverage in the office
  • Common Internet connectivity problems and solutions
  • What is SSTP VPN?
  • Enabling iPhone hotspot

Cyber Security & Compliance

3
  • How to check if Microsoft Defender for Endpoint is running
  • The Group Policy settings for BitLocker startup options are in conflict and cannot be applied
  • Windows Privilege Escalation

Remote IT Support & Helpdesk

5
  • Atera client not showing up in Customer’s dashboard
  • The Group Policy settings for BitLocker startup options are in conflict and cannot be applied
  • How do you extend a User Profile Disk
  • Resizing User Virtual Disk RDP (Esxi VM)
  • mysql-8.0-gpg package error
View Categories
  • Home
  • kb
  • Linux
  • csf configserv commands

csf configserv commands

2 min read

Comprehensive Guide to CSF (ConfigServer Security & Firewall) Commands #

ConfigServer Security & Firewall (CSF) is a firewall application commonly used on Linux servers to enhance security by providing an advanced interface for managing iptables. CSF comes with a daemon, lfd (Login Failure Daemon), which helps mitigate brute-force attacks and other threats.

1. Installation & Basic Configuration #

Installing CSF on Linux #

Before using CSF, ensure that you have it installed on your system.

bashCopyEditcd /usr/src
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Once installed, CSF needs to be configured.

Enable CSF #

CSF runs in TESTING mode by default. To fully enable it, edit the configuration file:

bashCopyEditnano /etc/csf/csf.conf

Find the following line:

iniCopyEditTESTING = "1"

Change it to:

iniCopyEditTESTING = "0"

Save and exit, then restart CSF:

bashCopyEditcsf -r

2. Basic CSF Commands #

Starting, Restarting, and Stopping CSF #

  • Start CSF:bashCopyEditcsf -s
  • Restart CSF:bashCopyEditcsf -r
  • Stop CSF:bashCopyEditcsf -x
  • Check the CSF status:bashCopyEditcsf -s This will show the current firewall rules applied.

3. Managing Firewall Rules #

CSF allows you to easily manage IPs, ports, and services.

Allow an IP #

To allow an IP through the firewall:

bashCopyEditcsf -a <IP> "Reason for allow"

Example:

bashCopyEditcsf -a 192.168.1.100 "Allow internal admin access"

Deny an IP #

To block an IP:

bashCopyEditcsf -d <IP> "Reason for deny"

Example:

bashCopyEditcsf -d 203.0.113.5 "Blocked due to brute-force attempt"

Remove an IP from the Deny List #

bashCopyEditcsf -dr <IP>

Example:

bashCopyEditcsf -dr 203.0.113.5

Temporary IP Block #

To block an IP temporarily (e.g., for 30 minutes):

bashCopyEditcsf -td <IP> <Minutes> "Reason for temporary block"

Example:

bashCopyEditcsf -td 203.0.113.5 30 "Suspected malicious activity"

Removing an IP from the Allow List #

bashCopyEditcsf -ar <IP>

Example:

bashCopyEditcsf -ar 192.168.1.100

4. Managing Ports #

CSF allows you to manage open and closed ports via its configuration file.

Manually Allow Ports #

bashCopyEditcsf -a <PORT>/tcp
csf -a <PORT>/udp

Example:

bashCopyEditcsf -a 8080/tcp

Alternatively, edit the CSF configuration file:

bashCopyEditnano /etc/csf/csf.conf

Find and edit:

iniCopyEditTCP_IN = "22,80,443,8080"
TCP_OUT = "22,80,443,8080"

Save and restart CSF:

bashCopyEditcsf -r

Closing a Port #

To block a specific port, remove it from csf.conf or run:

bashCopyEditcsf -d <PORT>/tcp

Example:

bashCopyEditcsf -d 3306/tcp

5. Checking and Managing CSF Logs #

CSF logs provide insights into firewall activity.

Check Currently Blocked IPs #

bashCopyEditcsf -g <IP>

Example:

bashCopyEditcsf -g 203.0.113.5

This will return details about why an IP is blocked.

View CSF Logs in Real-time #

bashCopyEdittail -f /var/log/lfd.log

List All Temporary Blocks #

bashCopyEditcsf -t

Flush All Temporary Blocks #

bashCopyEditcsf -tf

6. Advanced Features #

Uninstall CSF #

If you need to remove CSF:

bashCopyEditcd /etc/csf
sh uninstall.sh

Restart the LFD Daemon #

If you need to restart the lfd (Login Failure Daemon):

bashCopyEditsystemctl restart lfd

Whitelist IPs from CSF Block #

If an IP keeps getting blocked, add it to the whitelist:

bashCopyEditnano /etc/csf/csf.allow

Add:

iniCopyEdit192.168.1.100

Then restart CSF:

bashCopyEditcsf -r

7. CSF Configuration File Explained #

CSF’s main configuration file is located at:

bashCopyEdit/etc/csf/csf.conf

Some important settings:

  • TCP_IN/TCP_OUT – Allowed inbound/outbound TCP ports.
  • UDP_IN/UDP_OUT – Allowed inbound/outbound UDP ports.
  • DENY_IP_LIMIT – Maximum number of blocked IPs.
  • LF_TRIGGER – Defines how many login failures before an IP is blocked.

To apply changes, restart CSF:

bashCopyEditcsf -r

8. Automating CSF with Cron Jobs #

You can automate CSF commands by adding them to a cron job.

Example: Block an IP at specific times:

bashCopyEditcrontab -e

Add:

iniCopyEdit0 2 * * * csf -d 203.0.113.5 "Auto block"

This will block the IP every day at 2 AM.


9. Conclusion #

CSF is a powerful tool for managing firewall rules, blocking unwanted traffic, and securing your server. Whether you need to block IPs, allow specific ports, or monitor logs, CSF provides a robust interface for managing security

Share This Article :
  • Facebook
  • X
  • LinkedIn
  • Pinterest
Linux Exim Cheat sheetNmap cheat sheet
Table of Contents
  • Comprehensive Guide to CSF (ConfigServer Security & Firewall) Commands
  • 1. Installation & Basic Configuration
    • Installing CSF on Linux
    • Enable CSF
  • 2. Basic CSF Commands
    • Starting, Restarting, and Stopping CSF
  • 3. Managing Firewall Rules
    • Allow an IP
    • Deny an IP
    • Remove an IP from the Deny List
    • Temporary IP Block
    • Removing an IP from the Allow List
  • 4. Managing Ports
    • Manually Allow Ports
    • Closing a Port
  • 5. Checking and Managing CSF Logs
    • Check Currently Blocked IPs
    • View CSF Logs in Real-time
    • List All Temporary Blocks
    • Flush All Temporary Blocks
  • 6. Advanced Features
    • Uninstall CSF
    • Restart the LFD Daemon
    • Whitelist IPs from CSF Block
  • 7. CSF Configuration File Explained
  • 8. Automating CSF with Cron Jobs
  • 9. Conclusion
Melbourne business IT logo

Melbits is Melbourne Business IT Service and technology solutions provider. Our tailored and strategic approach ensures that your business will receive expert IT support, cybersecurity and consulting that aligns with your business needs, empowering your business, driving growth and success.

You can reach us at 03 9069 6788

IT Services

  • Managed IT Services
  • Cloud Services
  • Cybersecurity
  • Remote IT Services
  • Business Communication
  • IT Consulting

Industries

  • Accounting Firms
  • Law Firms
  • Realestate
  • Medical Centres
  • Pharmacies
  • Conveyancing Firms

Additional Links

  • About Us
  • Knowledge Base
  • Case Studies
  • Blog
  • Contact
  • FAQ

© 2025 Melbit Services, All Rights Reserved.

  • Terms and Conditions
  • Privacy Policy