CSF is one of the best firewall applications for Linux-based servers. We have already discussed CSF and its command usage in detail. Refer to this guide to install CSF on your server. CSF offers many options; here I discuss its temporary IP blocking feature.
Yes, CSF can configure iptables rules that block IPs temporarily, and you can do it directly from the command line. Similarly, you can add an iptables rule to allow IPs temporarily. Here I explain how to do both from the command line.
You can use the switch “t” along with “a” and “d” to allow and deny IPs temporarily. Some useful usages with examples follow.
How to Block/Deny an IP address in CSF temporarily (for a particular time period)?
Here is the syntax:
csf -td ip ttl [-p port] [-d direction] [comment]
Or
csf --tempdeny ip ttl [-p port] [-d direction] [comment]
The “ttl” is the Time-To-Live option in seconds. For example, 3600 for a 1-hour block.
Default value is 3600 seconds.
Example:
root@root [~/csf]# csf -td 66.8x.xx.xx
DROP all opt -- in !lo out * 66.8x.xx.xx -> 0.0.0.0/0
csf: 66.8x.xx.xx blocked on port * for 3600 seconds inbound
To block for a specific time period, give that interval in seconds directly after the IP.
Example:
root@root [~/csf]# csf -td 66.8x.xx.xx 60
DROP all opt -- in !lo out * 66.8x.xx.xx -> 0.0.0.0/0
csf: 66.8x.xx.xx blocked on port * for 60 seconds inbound
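A wrapper around the temporary-deny syntax above, as an added example that is not part of the original post: it checks the IP, TTL, port, direction and comment before calling csf, and refuses to block addresses in a protected list. The function names, the PROTECTED list and the CSF_CMD override are assumptions of this example, and the IP addresses are constructed documentation values.

```shell
#!/bin/sh
# Added example (not from the original post): validate arguments, then call
# "csf -td ip ttl [-p port] [-d direction] [comment]" as shown on this page.
# Function names, PROTECTED and CSF_CMD are hypothetical; IPs are constructed.

PROTECTED="192.0.2.10 192.0.2.11"   # constructed: admin/monitoring IPs never to block

# Succeeds only for a dotted-quad IPv4 address with each octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        if [ "${#octet}" -gt 3 ] || [ "$octet" -gt 255 ]; then return 1; fi
    done
    return 0
}

# Usage: tempdeny ip [ttl] [port] [direction] [comment]
tempdeny() {
    ip=$1; ttl=${2:-3600}; port=${3:-}; dir=${4:-in}; comment=${5:-}
    is_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 1; }
    for p in $PROTECTED; do
        if [ "$ip" = "$p" ]; then echo "refusing to block protected IP $ip" >&2; return 1; fi
    done
    case "$ttl" in ''|0*|*[!0-9]*) echo "ttl must be a positive number of seconds" >&2; return 1 ;; esac
    # in, out and inout are the direction values csf accepts for -d
    case "$dir" in in|out|inout) ;; *) echo "direction must be in, out or inout" >&2; return 1 ;; esac
    # Comment policy of this example: letters, digits, space and . _ : - only
    [ -z "$(printf '%s' "$comment" | tr -d 'A-Za-z0-9 ._:-')" ] ||
        { echo "unsupported character in comment" >&2; return 1; }
    set -- -td "$ip" "$ttl"
    if [ -n "$port" ]; then
        case "$port" in 0*|*[!0-9]*|??????*) echo "port must be 1..65535" >&2; return 1 ;; esac
        [ "$port" -le 65535 ] || { echo "port must be 1..65535" >&2; return 1; }
        set -- "$@" -p "$port"
    fi
    set -- "$@" -d "$dir"
    if [ -n "$comment" ]; then set -- "$@" "$comment"; fi
    ${CSF_CMD:-csf} "$@"    # CSF_CMD="echo csf" prints the command instead of running it
}
```

Source the file as root and call, for instance, tempdeny 198.51.100.7 600 22 in "ssh brute force"; set CSF_CMD="echo csf" first to see the command without changing the firewall.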
How to Unblock/Allow an IP address in CSF temporarily (for a particular time period)?
You can use the switch “a” to allow an IP.
Syntax:
csf -ta ip ttl [-p port] [-d direction] [comment]
Or
csf --tempallow ip ttl [-p port] [-d direction] [comment]
Example:
[root@server ~]# csf -ta 66.8x.1xx.xx
ACCEPT all opt -- in !lo out * 66.8x.1xx.xx -> 0.0.0.0/0
ACCEPT all opt -- in * out !lo 0.0.0.0/0 -> 66.8x.1xx.xx
csf: 66.8x.1xx.xx allowed on port * for 3600 seconds in and outbound
Display the current list of temporary allow and deny IP entries with their TTL and comment
Use the switch “t” to display the current list. This
csf -t
Or
csf --temp
Example:
root@root [~/csf]# csf -t
A/D IP address Port Dir Time To Live Comment
DENY 66.8x.xx.xx * in 59m 44s Manually added
Remove an IP from the temporary IP ban or allow list
The switch “r” is used to remove an IP address from the temporary list.
Syntax:
csf -tr ip
Or
csf --temprm ip
Example:
root@root [~/csf]# csf -tr 66.8x.xx.xx
DROP all opt -- in !lo out * 66.8x.xx.xx -> 0.0.0.0/0
csf: 66.8x.xx.xx temporary block removed
csf: There are no temporary IP allows
Flush all IPs from the temporary IP entries
To flush all IPs from the temporary list:
Syntax:
csf -tf
Or
csf --tempf
Example:
root@root [~/csf]# csf -tf
DROP all opt -- in !lo out * 66.8x.xx.xx -> 0.0.0.0/0
csf: 66.8x.xx.xx temporary block removed
csf: There are no temporary IP allows
That’s it..
3600 seconds is one hour, not one minute ))
😀 updated.
If you want to block the IP address by country using csf, you can export it from the free service ip2location.com/free/visitor-blocker