Handy CSF firewall Commands for System Admins

CSF (ConfigServer Security & Firewall) is a popular firewall and security tool for Linux servers. CSF is full featured firewall which contains many features and works on Linux out of the box. Its a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.

Here are some common commands that you can use with CSF:

Start CSF:

To start CSF, use the following command:

csf -s

Stop CSF:

To stop CSF, use the following command:

csf -x

Restart CSF:

To restart CSF, use the following command:

csf -r

Restart all (restart both csf & lfd). Use this option after editing csf.conf :

csf -ra

Check CSF status:

To check the status of CSF, use the following command:

csf -status

Allow an IP address:

To allow an IP address through the firewall, use the following command:

csf -a 

you can add the comment after the ip with space

example : csf -a 1.1.1.1 allowed by admin

Unblock an IP address:

To unblock an IP address that has been blocked by CSF, use the following command:

csf -dr 

Block an IP address:

To block an IP address, use the following command:

csf -d 

you can add the comment after the ip with space

example : csf -d 1.1.1.1 blocked by admin

View blocked IP addresses:

To view a list of blocked IP addresses, use the following command:

csf -g

to find specific ip in blocked list use below command :
csf -g 1.1.1.1

Unblock all IP addresses:

To unblock all IP addresses that have been blocked by CSF, use the following command:

csf -df

Check for updates to csf but do not upgrade :

csf -c

To update CSF :

csf -u

To Force update :

csf -uf

Get an IP’s information country of origin & hostname/ptr :

csf -i IP

usage : csf -i 1.1.1.1

Hope this helped and you can add your own commands below in the comment to help others.