Set up CSF Firewall on CentOS 7 / RHEL 7
ConfigServer (CSF) is an advanced, freely available firewall for Linux and Debian-based distributions. The latest versions of CentOS 7, RHEL 7 and CloudLinux 7 servers require the use of the firewalld daemon, but we can still use the iptables command for the firewall, and in WHM, CSF is only able to modify iptables rules.
In this article we will show you how to disable the default firewall (firewalld) on CentOS 7, RHEL 7 and CloudLinux 7 and install iptables with a CSF configuration.
Disable firewalld with mask :
Stop firewalld :
# systemctl stop firewalld
Disable firewalld from starting at boot :
# systemctl disable firewalld
To prevent firewalld from being started automatically, run the command below.
# systemctl mask firewalld
Install and configure iptables :
# yum -y install iptables-services
Create the rules files for iptables and ip6tables :
# touch /etc/sysconfig/iptables
# touch /etc/sysconfig/ip6tables
Start the iptables services :
# systemctl start iptables
# systemctl start ip6tables
Enable the services at boot time :
# systemctl enable iptables
# systemctl enable ip6tables
Download and install the dependencies for CSF :
# yum -y install perl perl-libwww-perl net-tools wget perl-GDGraph perl-LWP-Protocol-https
Download the CSF installer :
# cd /opt
# wget https://download.configserver.com/csf.tgz
Uncompress the downloaded CSF file.
# tar xzf csf.tgz
Run the installer :
# cd csf
# sh install.sh
After installation you can remove the installation files, that is /opt/csf and /opt/csf.tgz
After installation, check whether the iptables modules that CSF needs will work. Run the command below and check the output; it should look like the output below.
# perl /usr/local/csf/bin/csftest.pl
OUTPUT :
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf should function on this server
No fatal error is shown here, so this firewall should work perfectly.
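A provisioning script can check the csftest.pl output automatically instead of relying on a visual read. The following is an added example, not part of the original article or of CSF: the function name check_csftest and both sample inputs are assumptions, and because the failing sample's status text is constructed, the parser treats any status other than OK as a failure.

```shell
#!/bin/sh
# Added example, not part of CSF: gate a setup script on csftest.pl output.

# check_csftest reads csftest.pl output on stdin, prints every test whose
# status is not exactly "OK", and returns:
#   0  all tests OK and the RESULT line is the passing one shown in this article
#   1  at least one test not OK, or a different/missing RESULT line
#   2  no "Testing ..." lines at all (the test script did not run)
check_csftest() {
    awk '
        { sub(/[ \t\r]+$/, "") }            # tolerate trailing blanks and CR
        /^Testing / {
            tests++
            i = index($0, "...")             # first "..." splits name and status
            status = substr($0, i + 3)
            if (i == 0 || status != "OK") {
                bad++
                printf "NOT OK: %s\n", substr($0, 9)   # text after "Testing "
            }
            next
        }
        /^RESULT: / { result = $0 }
        END {
            if (tests == 0) exit 2
            if (bad > 0) exit 1
            if (result != "RESULT: csf should function on this server") exit 1
            exit 0
        }'
}

# Constructed samples: the first abbreviates the passing output shown above;
# the failing status text and RESULT wording in the second are made up.
PASS_SAMPLE='Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_recent...OK
RESULT: csf should function on this server'
FAIL_SAMPLE='Testing ip_tables/iptable_filter...OK
Testing ipt_recent...FAILED
RESULT: constructed failing result line'

# On a server: perl /usr/local/csf/bin/csftest.pl | check_csftest
printf '%s\n' "$PASS_SAMPLE" | check_csftest && echo "csftest: all modules OK"
```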
Configuring CSF Firewall :
The basic configuration file of the CSF firewall is csf.conf, in the /etc/csf directory. You should have a good knowledge of networking concepts and ports before configuring the firewall.
# vi /etc/csf/csf.conf
After making changes, you need to run the command below to apply them to the firewall settings.
# csf -r
Thank you