Search Our Database

How to install ConfigServer Security and Firewall (csf) in Almalinux

Last updated on |
by

This is a guide on how to install csf in Almalinux.

Step 1: Login to your Almalinux’s server first

 

Step 2: Once login, make sure to run the command below to ensure all the application on your server is up-to-date

sudo dnf update

 

Step 3: After all the apps are updated, you would need to install dependencies that csf required.

sudo dnf install perl-libwww-perl perl-Math-BigInt wget

 

Step 4: You’ll need to download the CSF files to the correct directories in the server. So first you would need to navigate to the following using the cd command. Afterwards, download the csf files by using the wget command.

cd /usr/src

wget https://download.configserver.com/csf.tgz

 

Step 5: Extract the csf files by running the command tar, if you don’t have tar installed in the server, please install it by running [sudo dnf install tar]. Then, navigate in the csf directories.

tar xzf csf.tgz

cd csf

 

Step 6: Now you can install csf in the server with running the commands:

sh install.sh

perl /usr/local/csf/bin/csftest.pl

You should see the following output:

[root@cert csf]# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter…OK
Testing ipt_LOG…OK
Testing ipt_multiport/xt_multiport…OK
Testing ipt_REJECT…OK
Testing ipt_state/xt_state…OK
Testing ipt_limit/xt_limit…OK
Testing ipt_recent…OK
Testing xt_connlimit…OK
Testing ipt_owner/xt_owner…OK
Testing iptable_nat/ipt_REDIRECT…OK
Testing iptable_nat/ipt_DNAT…OK

RESULT: csf should function on this server

 

Step 7: You need to configure the csf’s config file in order for the csf to work. Open the config file by running either vi or vim or nano, depending on which editor installed in the server. For this example, we will use vi:

vi /etc/csf/csf.conf

Then, change TESTING = ‘1’ to TESTING = ‘0’. Without changing these, the daemon would fail to start.You can also allow incoming and outgoing port in the config file. You can do these afterwards as well.

 

Step 8: After you are done with the configuration of the config file, you need to restart and enable csf.

systemctl restart csf && systemctl restart lfd

systemctl enable csf && systemctl enable lfd

systemctl status csf && systemctl status lfd

Run the command below to check the version installed:

csf -v

 

There you go! The csf is now all set in the server. You can run the command below to know how to use csf command in the server.

man csf