CSF Parametros - Foro Support - Manuales tecnicos

Announcement

Collapse
No announcement yet.

CSF Parametros

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • CSF Parametros

    CSF Config Server Firewall
    You can view the csf command line options by using:

    # csf -h

    Usage: /usr/sbin/csf [option] [value]

    Option Meaning
    -h, --help Show this message
    -l, --status List/Show iptables configuration
    -l6, --status6 List/Show ip6tables configuration
    -s, --start Start firewall rules
    -f, --stop Flush/Stop firewall rules (Note: lfd may restart csf)
    -r, --restart Restart firewall rules
    -q, --startq Quick restart (csf restarted by lfd)
    -sf, --startf Force CLI restart regardless of LF_QUICKSTART setting
    -a, --add ip Allow an IP and add to /etc/csf.allow
    -ar, --addrm ip Remove an IP from /etc/csf.allow and delete rule
    -d, --deny ip Deny an IP and add to /etc/csf.deny
    -dr, --denyrm ip Unblock an IP and remove from /etc/csf.deny
    -df, --denyf Remove and unblock all entries in /etc/csf.deny
    -g, --grep ip Search the iptables rules for an IP match (incl. CIDR)
    -t, --temp Displays the current list of temp IP entries and their TTL
    -tr, --temprm ip Remove an IPs from the temp IP ban and allow list
    -td, --tempdeny ip ttl [-p port] [-d direction]
    Add an IP to the temp IP ban list. ttl is how long to
    blocks for (default:seconds, can use one suffix of h/m/d).
    Optional port. Optional direction of block can be one of:
    in, out or inout (default:in)
    -ta, --tempallow ip ttl [-p port] [-d direction]
    Add an IP to the temp IP allow list (default:inout)
    -tf, --tempf Flush all IPs from the temp IP entries
    -cp, --cping PING all members in an lfd Cluster
    -cd, --cdeny ip Deny an IP in a Cluster and add to /etc/csf.deny
    -ca, --callow ip Allow an IP in a Cluster and add to /etc/csf.allow
    -cr, --crm ip Unblock an IP in a Cluster and remove from /etc/csf.deny
    -cc, --cconfig [name] [value]
    Change configuration option [name] to [value] in a Cluster
    -cf, --cfile [file] Send [file] in a Cluster to /etc/csf/
    -crs, --crestart Cluster restart csf and lfd
    -m, --mail [addr] Display Server Check in HTML or email to [addr] if present
    -lr, --logrun Initiate Log Scanner report via lfd
    -c, --check Check for updates to csf but do not upgrade
    -u, --update Check for updates to csf and upgrade if available
    -uf Force an update of csf
    -x, --disable Disable csf and lfd
    -e, --enable Enable csf and lfd if previously disabled
    -v, --version Show csf version

    These options allow you to easily and quickly control and view csf. All the
    configuration files for csf are in /etc/csf and include:

    csf.conf - the main configuration file, it has helpful comments explaining what each option does

    csf.allow - a list of IP's and CIDR addresses that should always be allowed through the firewall

    csf.deny - a list of IP's and CIDR addresses that should never be allowed through the firewall

    csf.ignore - a list of IP's and CIDR addresses that lfd should ignore and not block if detected

    csf.*ignore - various ignore files that list files, users, IP's that lfd should ignore. See each file for their specific purpose and tax
    Last edited by soporte; 10-13-2012, 10:03 AM.
Working...
X