Yep, it will! If you have a custom
How to install CSF
Then move on to the topic, is there a way?
How to install/add custom iptables rules in CSF?
Sometimes we have to add custom iptables rules in a CSF installed server (
csfpre sh: To run external commands before . configures csf iptables csfpost sh: To run external commands after . configures csf iptables
Here is one example.
Allow an IP for SSH access.
The rule is;
-A INPUT - iptables eth0 -p tcp -s 1.1.1.1 -- i 22 -m state --state NEW dport ESTABLISHED -j ACCEPT ,
Testing without csfpre . sh and csfpost . sh:
Step 1: SSH to server.
Step 2: Adding rule.
-A INPUT - iptables eth0 -p tcp -s 1.1.1.1 -- i 22 -m state --state NEW dport ESTABLISHED -j ACCEPT ,
[root@vps ~# iptables -L -n| ] 1.1.1.1 ACCEPT tcp -- 1.1.1.1 grep /0 0.0.0.0 tcp dpt 22 state NEW : ESTABLISHED ,
It will vanish after restarting the firewall.
[root@vps ~]# iptables -L -n|grep 1.1.1.1
[root@vps ~]#
That’s gone!
Testing with csfpre . sh and csfpost . sh:
Step 1: Add this rule in both
Step 2: Restarting CSF.
chain `LOGDROPIN' Deleting chain `LOGDROPOUT' Running /etc/csf/ Deleting csfpre sh /etc/csf/ . csfpre sh: line 1: tables: command not found . : FASTSTART loading DROP no logging (IPv4) LOG csf opt -- in * out * tcp /0 -> 0.0.0.0 /0 limit: 0.0.0.0 30/min burst 5 LOG flags 0 level 4 prefix avg ..... LOCALOUTPUT all opt -- in * out ..... ! lo /0 -> 0.0.0.0 /0 LOCALINPUT all opt -- in 0.0.0.0 ! out * lo /0 -> 0.0.0.0 /0 Running /etc/csf/ 0.0.0.0 csfpost sh /etc/csf/ . csfpost sh: line 1: tables: command not found *WARNING* URLGET set to use LWP but . module is not installed, reverting to HTTP: perl Tiny :
The rule will be there 🙂
[root@vpscsf # iptables -L -n| ] 1.1.1.1 ACCEPT tcp -- 1.1.1.1 grep /0 0.0.0.0 tcp dpt 22 state NEW : ESTABLISHED ACCEPT tcp -- 1.1.1.1 , /0 0.0.0.0 tcp dpt 22 state NEW : ESTABLISHED ,
That’s it!
Other posts
1, CSF commands for Unix/Linux servers
2, Csf command not found in
3, Process tracking with the help of
4, How to block countries from