ConfigServer Firewall (CSF) is my preferred alternative to iptables. It’s very easy to install.
First, we need to prepare yum. You’ll want to be root for this:
yum update
yum install -y perl bind-utils
Next, download and install CSF from its source:
cd /usr/src
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
Once that’s done, check whether the installation has worked:
perl /usr/local/csf/bin/csftest.pl
After that has run successfully, you need to turn off CSF’s training mode:
vi /etc/csf/csf.conf
Find the TESTING
setting, and set it to 0
from 1
If you’ll be using CSF with Docker, now is the time to set the DOCKER
flag to 1
from 0
Start CSF:
csf -s
Restart CSF with this command:
csf -r
Now CSF has been installed and configured successfully!