ConfigServer (CSF) is advanced firewall and free available for Linux and debian based distributions. In latest versoin of CentOs 7 , RHEL 7 , CloudLinux 7 servers require that use the firewalld daemon but we can use iptables command for firewall and In WHM CSF only allow to modify iptables rules .
So Here in this article we will show you how to disabled default firewall (firewalld) on CentOS 7 , RHEL 7 and CloudLinux 7 and install iptables with CSF Configuration.
Disable firewalld with mask :
Stop the firewalld .
# systemctl stop firewalld
Disable auto start from auto start
#systemctl disable firewalld
Prevention from automatic start firewalld , run below command.
systemctl mask firewalld
Install and configure iptables :
# yum -y install iptables-services
For iptables and ip6tables :
# touch /etc/sysconfig/iptables # touch /etc/sysconfig/ip6tables
Start the Iptables service :
# systemctl start iptables
# systemctl start ip6tables
Boot time service Start :
# systemctl enable iptables
# systemctl enable ip6tables
Install & Download dependencies for CSF :
yum -y install perl perl-libwww-perl net-tools wget perl-GDGraph perl-LWP-Protocol-https -y
Download the CSF installer :
# cd /opt # wget https://download.configserver.com/csf.tgz
Uncompress download CSF file.
# tar xzf csf.tgz
Run the installer :
# cd csf #sh install.sh
You can remove installation files after installation that is /opt/csf and /opt/csf.tgz
After installation you should check the iptables new module will work or not . run below command and check the output , it will look my below output.
# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_recent...OK Testing xt_connlimit...OK Testing ipt_owner/xt_owner...OK Testing iptable_nat/ipt_REDIRECT...OK Testing iptable_nat/ipt_DNAT...OK RESULT: csf should function on this server
Here no fatal error is showing , so this firewall should work perfectly.
Configuring CSF Firewall :
Basic configuration file of CSF firewall is in /etc/csf directory with name csf.conf. You should have good knowledge of networking concept and port for configuring firewall.
After making change you need to run below command for update changes in firewall settings.
I am a professional freelance contributor and founder of tech transit. Love to write and lover of education, culture, and community. I have been using it, setting, supporting, and maintaining it since 2009.Linux rocks!