How to configure firewall in linux

 Home / Uncategorized / How to configure firewall in linux
15Oct, 2013
0

How to configure firewall in linux

Follow this Steps: This may help you

Step1. Lets install csf firewall

1.1 Download CSF Firewall
Code:
wget http://www.configserver.com/free/csf.tgz

1.2 Extracting downloaded files
Code:
tar -xzf csf.tgz

1.3 Changing the directory for installation
Code:
cd csf

1.4 Installation of CSF
Code:
sh install.sh

1.5 Now lets test csf
Code:
perl /etc/csf/csftest.pl

1.6 Remove any other firewall installed
Code:
sh /etc/csf/remove_apf_bfd.sh

Step2: Download basic configures CSF Configuration File by running bellow command

2.1 Download csf.conf file
Code:
wget -N http://www.ultratechhost.com/download/csf.conf

2.2 Lets take backup of current csf.conf file for security purpose
Code:
mv /etc/csf/csf.conf /etc/csf/csf.conf.bak

2.3 Lets move downloaded csf.conf by running command
Code:
mv csf.conf /etc/csf/csf.conf

2.4 Now restart csf
Code:
/usr/sbin/csf -r

Step3. Lets Configure CSF by Editing csf.conf file
Code:
nano /etc/csf/csf.conf

And do bellow changes you can use ctrl + w to search the proper word stated bellow and change it to your need

3.1 The following TAG will run csf in Testing Mode as if we by mistake block ourself out, it will flush all firewall rules in 5 minutes to get us in and fixed it.
Code:
TESTING = “1″
We will change it to zero “0″ when we finished and sure we have all right rules in.

3.2 Put your all ports which you want to be open on your server for incoming traffic seperated by comma.
Code:
TCP_IN = “20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,30000:50000”

3.3 Also open any port you want for outgoing traffic
Code:
TCP_OUT = “20,21,22,25,37,43,53,80,110,113,443,587,873,2087,2089,2703,30000:50000”

3.4 Same goes for UDP_IN and UDP_OUT, be remember if you are running DNS service, so you have to open port 53 in UDP_IN as DNS port 53 runs on udp rather than tcp
Code:
UDP_IN = “20,21,53″

3.5 To allow outgoing traceroute add 33434:33523 to this list
Code:
UDP_OUT = “20,21,53,113,123,33434:33523″


About The Author

blogadmin">Read more