Hard to implement IPTables? Try this.
Have you ever try to implement filter on your server using IPTables?
It's hard isn't it?
You should try CSF.
First, download latest package of CSF from official website, and extract it.
# cd /opt/ # wget https://download.configserver.com/csf.tgz # tar -xvf csf.tgz
I use CentOS, so I prefer store them in
/opt/. Please try to read at your own distribution hier.
Then install required perl packages.
-- On rpm based systems: # yum install perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch perl-GDGraph perl-Math-BigInt.noarch -- On APT based systems: # apt-get install libwww-perl liblwp-protocol-https-perl libgd-graph-perl
# sh install.sh Selecting installer... Running csf generic installer Installing generic csf and lfd Check we're running as root ... ---- too long ---- Installation Completed
After completed, try to restart csf.
# csf -r
CSF will automatically added your current IP and SSH Port to the allow list.
Check whether your CSF running properly
# perl /usr/local/csf/bin/csftest.pl Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK RESULT: csf should function on this server
All config stored at
Find and write your desired rules, and save them by
Don't forget to RTFM. You'll find the details.
# man csf
(c)2006-2021, Way to the Web Limited (http://www.configserver.com)