Server Guru

Just another Tech Blog

LinuxSecurity

Install CSF and LFD on a Linux server

 

 

In order to install CSF and LFD please follow the steps given below.

 

Step 1 : Download the CSF file from the official site.

 

root@server:/usr/src# wget https://download.configserver.com/csf.tgz
–2017-12-29 18:24:26– https://download.configserver.com/csf.tgz
Resolving download.configserver.com (download.configserver.com)… 85.10.199.177
Connecting to download.configserver.com (download.configserver.com)|85.10.199.177|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 1549761 (1.5M) [application/x-gzip]
Saving to: ‘csf.tgz’
csf.tgz 100%[=================================================>] 1.48M 1.13MB/s in 1.3s
2017-12-29 18:24:28 (1.13 MB/s) – ‘csf.tgz’ saved [1549761/1549761]
root@server:/usr/src#

 

Step 2 : Extract the file “csf.tgz”

root@server:/usr/src# tar -xzf csf.tgz

 

Step 3 : Check the compatibility by executing the following command.

 

root@server:/usr/src# perl csf/csftest.pl
Testing ip_tables/iptable_filter…OK
Testing ipt_LOG…OK
Testing ipt_multiport/xt_multiport…OK
Testing ipt_REJECT…OK
Testing ipt_state/xt_state…OK
Testing ipt_limit/xt_limit…OK
Testing ipt_recent…OK
Testing xt_connlimit…OK
Testing ipt_owner/xt_owner…OK
Testing iptable_nat/ipt_REDIRECT…OK
Testing iptable_nat/ipt_DNAT…OK
RESULT: csf should function on this server

 

Step 4 : Now you can install CSF by executing the “install.sh” script under the extracted directory.

 

root@server:/usr/src/csf# sh install.sh

 

Step 5 : Disable the TESTING mode in “/etc/csf/csf.conf”

 

You can disable the TESTING by changing the parameter TESTING = “1” to TESTING = “0”

 

Step 6 : Restart CSF and LFD by executing the following commands.

 

root@server:/usr/src/csf# service csf restart
root@server:/usr/src/csf# service lfd restart

Step 7 : Now you can check the status.

 

root@server:/usr/src/csf# service csf status
● csf.service – ConfigServer Firewall & Security – csf
Loaded: loaded (/usr/lib/systemd/system/csf.service; enabled; vendor preset: enabled)
Active: active (exited) since Fri 2017-12-29 18:34:25 UTC; 14s ago
Process: 23999 ExecStop=/usr/sbin/csf –stop (code=exited, status=0/SUCCESS)
Process: 23968 ExecStop=/usr/sbin/csf –initdown (code=exited, status=0/SUCCESS)
Process: 24033 ExecStart=/usr/sbin/csf –initup (code=exited, status=0/SUCCESS)
Main PID: 24033 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
Memory: 0B
CPU: 0
CGroup: /system.slice/csf.service
Dec 29 18:34:25 server.serverguru.ca systemd[1]: Starting ConfigServer Firewall & Security – csf…
Dec 29 18:34:25 server.serverguru.ca csf[24033]: *WARNING* URLGET set to use LWP but perl module is not installed, revert
Dec 29 18:34:25 server.serverguru.ca csf[24033]: (restoring iptables) (restoring ip6tables)
Dec 29 18:34:25 server.serverguru.ca systemd[1]: Started ConfigServer Firewall & Security – csf.
root@server:/usr/src/csf# service lfd status
● lfd.service – ConfigServer Firewall & Security – lfd
Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2017-12-29 18:35:32 UTC; 3s ago
Process: 25526 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
Main PID: 25552 (lfd – sleeping)
Tasks: 1 (limit: 4915)
Memory: 75.1M
CPU: 1.912s
CGroup: /system.slice/lfd.service
└─25552 lfd – sleeping
Dec 29 18:35:31 server.serverguru.ca systemd[1]: Starting ConfigServer Firewall & Security – lfd…
Dec 29 18:35:32 server.serverguru.ca systemd[1]: Started ConfigServer Firewall & Security – lfd.
Dec 29 18:35:32 server.serverguru.ca sendmail[25566]: vBTIZWZj025566: from=root, size=11607, class=0, nrcpts=1, msgid=<20
Dec 29 18:35:32 server.serverguru.ca sendmail[25566]: vBTIZWZj025566: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay
Dec 29 18:35:32 server.serverguru.ca sendmail[25572]: vBTIZWg9025572: from=root, size=408, class=0, nrcpts=1, msgid=<2017
Dec 29 18:35:33 server.serverguru.ca sendmail[25572]: vBTIZWg9025572: to=root, ctladdr=root (0/0), delay=00:00:01, xdelay
Dec 29 18:35:33 server.serverguru.ca sendmail[25575]: vBTIZXng025575: from=root, size=371, class=0, nrcpts=1, msgid=<2017
Dec 29 18:35:33 server.serverguru.ca sendmail[25575]: vBTIZXng025575: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay
Dec 29 18:35:33 server.serverguru.ca sendmail[25579]: vBTIZXT3025579: from=root, size=361, class=0, nrcpts=1, msgid=<2017
Dec 29 18:35:33 server.serverguru.ca sendmail[25579]: vBTIZXT3025579: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay

Leave a Reply