[PPNL-Techteam] installatie csf
Bob Sikkema | DigitalForce.eu
bob.sikkema at digitalforce.eu
Tue Jul 3 21:09:29 CEST 2012
mkdir ~/install ; cd ~/install
wget http://www.configserver.com/free/csf.tgz
tar xzfv csf.tgz
cd csf
sh install.sh
Next, test whether you have the required iptables modules: CONNLIMIT
feature niet aanwezig in centos 5
perl /etc/csf/csftest.pl
#delete apf bfd
sh /etc/csf/remove_apf_bfd.sh
webmin module
Install csf as above
Install the csf webmin module in:
Webmin > Webmin Configuration > Webmin Modules >
From local file > /etc/csf/csfwebmin.tgz > Install Module
Config
TESTING="0"
SAFECHAINUPDATE = 1 # Safe Chain Update. If enabled, all dynamic update
chains
#nee!DYNDNS = 1 #enables /etc/csf/csf.dyndns. maakt allow op dns naam
mogelijk
LF_DSHIELD = 1800 # Enable IP range blocking using the DShield Block
List at http://feeds.dshield.org/block.txt
LF_SPAMHAUS = 1800 # Enable IP range blocking using the Spamhaus DROP
List at http://www.spamhaus.org/drop/index.lasso
LF_BOGON = 1800 # Enable IP range blocking using the BOGON List at
http://www.cymru.com/Bogons/
LF_SMTPAUTH = 20 # Enable login failure detection of SMTP AUTH
connections. To low, teveel klachten gebruikers.
PS_PERMANENT = 1 # You can select whether IP blocks for Port Scan
Tracking should be temporary or permanent.
CLUSTER_SENDTO
CLUSTER_RECVFROM
CLUSTER_MASTER
CLUSTER_KEY
CLUSTER_CONFIG = 1 indien slave
Firewall redirects
/etc/csf/csf.redirect
*|2525|*|25|tcp
config check
More information about the Techteam
mailing list