CSF commands to allow/deny IP addresses for temporary – Command line option

CSF is one of the best firewall application for your Linux based servers. We have already dicussed a lot about CSF and its command usages. Refer this to Install CSF on your server. We have a lot of options available with CSF. Here I am discussing about the temporary IP blocking feature of CSF.

Yes, there is an option to configure the IPTABLES rules for blocking IPs temporary with the help of CSF. You can use it simply from the command-line. Similarly you can add an Iptables rule to allow IPs temporary. Here I am explaining, how it is possible via command-line?

You can use the switch “t” along with “a” and “d” to allow and deny IPs temporary. Here I am explaining some useful usages with examples.

How to Block/Deny an IP address in CSF temporary(for a particular time period) ?

Here is the syntax:

csf -td ip ttl [-p port] [-d direction] [comment]
Or
csf --tempdeny ip ttl [-p port] [-d direction] [comment]

The “ttl” representing the Time-To-Live option in seconds. Example, 3600 for 1 hour block.
Default value is 3600 seconds.

Example:

[email protected] [~/csf]# csf -td 66.8x.xx.xx
DROP  all opt -- in !lo out *  66.8x.xx.xx  -> 0.0.0.0/0
csf: 66.8x.xx.xx blocked on port * for 3600 seconds inbound

For a specified time period, you can directly mention that time interval just after the IP.
Example:

[email protected] [~/csf]# csf -td 66.8x.xx.xx
DROP  all opt -- in !lo out *  66.8x.xx.xx  -> 0.0.0.0/0
csf: 66.8x.xx.xx blocked on port * for 60 seconds inbound

How to Unblock/Allow an IP address in CSF temporary(for a particular time period) ?
You can use the the switch “a” to allow IP.

Syntax:

csf -ta ip ttl [-p port] [-d direction] [comment]
Or
csf --tempallow ip ttl [-p port] [-d direction] [comment]

Example:

[[email protected] ~]# csf -ta 66.8x.1xx.xx
ACCEPT  all opt -- in !lo out *  66.8x.1xx.xx  -> 0.0.0.0/0
ACCEPT  all opt -- in * out !lo  0.0.0.0/0  -> 66.8x.1xx.xx
csf: 66.8x.1xx.xx allowed on port * for 3600 seconds in and outbound

Displays the current list of temporary allow and deny IP entries with their TTL and comment.
Use the switch “t” to displays the current list. This

csf -t 
Or 
csf --temp

Example:

[email protected] [~/csf]# csf -t

A/D   IP address                               Port   Dir   Time To Live     Comment
DENY  66.8x.xx.xx                                *    in    59m 44s          Manually added

Remove an IP from the temporary IP ban or allow list
The switch ‘r’ is using to remove an IP address from temporary list.
Syntax:

csf -tr 
Or 
csf --temprm ip

Example:

[email protected] [~/csf]# csf -tr 66.8x.xx.xx
DROP  all opt -- in !lo out *  66.8x.xx.xx  -> 0.0.0.0/0
csf: 66.8x.xx.xx temporary block removed
csf: There are no temporary IP allows

Flush all IPs from the temporary IP entries
To flush all IPs from temporary list.
Syntax:

csf -tf 
Or 
csf --tempf

Example:

[email protected] [~/csf]# csf -tf
DROP  all opt -- in !lo out *  66.8x.xx.xx  -> 0.0.0.0/0
csf: 66.8x.xx.xx temporary block removed
csf: There are no temporary IP allows

That’s it..

Related posts:

1, CSF commands for Unix/Linux servers
2, How to find whether the IP address is blacklisted or not in CSF
3, How to block countries from server by using csf
4, Process tracking with the help of csf
5, Easy way to Enable/Disable CSF

Arunlal Ashok

Linux Server Administrator. I'm dealing with Linux servers since 2012. I started this blog to share and discuss my ideas with the world. Check My Profile!! in uPwork (oDesk) and let me know if you need any assistance. Thanks!!

You may also like...

2 Responses

  1. Alex says:

    3600 seconds is one hour, not one minute ))

Leave a Reply

Your email address will not be published. Required fields are marked *