
    How to Add Custom iptables Rules in CSF Firewall

    By Rahul | November 27, 2013 | Updated: August 22, 2021

    CSF (ConfigServer Firewall) is an iptables-based firewall that provides an easier way to implement iptables rules. Sometimes we need to add specific rules (e.g. iptables rules not covered by CSF) to CSF. If we add these rules with the iptables command directly from the shell, they will be erased on the next CSF restart. Once CSF is installed on Linux, this article will help you add custom iptables rules to it.

    CSF provides pre and post scripts: the pre script is executed before, and the post script after, CSF applies its own rules. For example, suppose you want to open port 3306 (the MySQL default) to a specific IP. You can add the following rules to the pre or post script:

    • csfpre.sh – To run external commands before csf configures iptables
    • csfpost.sh – To run external commands after csf configures iptables

    Before CSF Rules

    Create the file /etc/csf/csfpre.sh and add the iptables rules that you want to execute before CSF applies its own rules.

    iptables -I INPUT -s 1.2.3.4 -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
    
    After CSF Rules

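    Create the file /etc/csf/csfpost.sh and add the iptables rules that you want to apply after CSF adds its own rules to the firewall. Note that -I INPUT inserts the rule at the top of the INPUT chain, so here it is evaluated before the rules CSF has just loaded.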

    iptables -I INPUT -s 1.2.3.4 -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
    
    Restart CSF

    To restart CSF, type the command below and watch the results. CSF produces a lot of output, so you may not see all of it on one screen; pipe it through more to page through the results.

    csf -r | more
    

    Below is part of the output:

    ...
    ...
    Deleting chain `LOCALOUTPUT'
    Deleting chain `LOGDROPIN'
    Deleting chain `LOGDROPOUT'
    Running /etc/csf/csfpre.sh
    DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:67
    DROP  udp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  udp dpt:67
    ...
    ...
    ...
    ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 8.8.8.8  tcp dpt:53
    LOCALOUTPUT  all opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0
    LOCALINPUT  all opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0
    LOCALOUTPUT  all opt    in * out !lo  ::/0  -> ::/0
    LOCALINPUT  all opt    in !lo out *  ::/0  -> ::/0
    Running /etc/csf/csfpost.sh
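
    The single rule above can also be written as a csfpost.sh that validates each entry and inserts it only once. This is an added example, not code from the original article or from CSF; ALLOW_LIST, rule_spec and apply_rules are hypothetical names, and the last block assumes CSF runs the file by its path, as the restart output shows.

```shell
#!/bin/sh
# Added example for /etc/csf/csfpost.sh; not part of the original article.
# ALLOW_LIST, rule_spec and apply_rules are hypothetical names.
# Entries are "source_ip:tcp_port"; 1.2.3.4:3306 is the article's sample value.
ALLOW_LIST="1.2.3.4:3306"

# Print the iptables rule spec for one entry. Returns non-zero for anything
# that is not a single IPv4 host and a valid port, so a typo such as
# "0.0.0.0/0:3306" cannot open the port to every source.
rule_spec() {
    src=${1%%:*}
    port=${1##*:}
    printf '%s\n' "$src" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    [ "$src" != "0.0.0.0" ] || return 1
    old_ifs=$IFS; IFS=.; set -- $src; IFS=$old_ifs
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # no ambiguous leading zeros
        [ "$octet" -le 255 ] || return 1
    done
    # Port: digits only, no leading zero, at most five digits, <= 65535.
    case "$port" in ''|0*|*[!0-9]*|??????*) return 1 ;; esac
    [ "$port" -le 65535 ] || return 1
    echo "INPUT -s $src -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT"
}

# Insert each valid rule once. "iptables -C" tests whether the rule already
# exists, so running the script twice does not stack duplicate rules.
apply_rules() {
    for entry in $ALLOW_LIST; do
        if ! spec=$(rule_spec "$entry"); then
            echo "csfpost.sh: skipping invalid entry '$entry'" >&2
            continue
        fi
        # $spec is left unquoted on purpose so it splits into arguments.
        iptables -C $spec 2>/dev/null || iptables -I $spec
    done
}

# Assumption: CSF runs this file by its path (the restart output prints
# "Running /etc/csf/csfpost.sh"). Under any other name the functions are
# only defined, so they can be tested without touching the firewall.
case "$0" in
    */csfpost.sh) apply_rules ;;
esac
```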
    

    Thank you for using this article.

    4 Comments

    1. Júlio C. on December 19, 2017 6:36 pm

      Perfect, Thanks!

    2. yashar esmaildokht on December 10, 2016 3:50 pm

      thanks, good article.

    3. Jon on May 27, 2016 2:39 pm

      I’ve been looking for exactly this, thank you!

    4. Salcoder on May 12, 2015 7:31 am

      Great info!

      Thanks for sharing.
