R-Ts NetWorks

Server the Best

Block FTP access using csf firewall


To completely disable the FTP access on the server follow the below steps:

root@server[#] vi /etc/csf/csf.conf

Search for the lines:
# Allow incoming TCP ports
TCP_IN =
and remove the port 21 from the list
Save and quit.

And then restart the CSF firewall using the below command:

root@server[#] csf -r

If you want to block FTP access for a Specific IP then follow the below steps:

root@server[#] vi /etc/csf/csf.deny

and add the line :
tcp:in:d=21:s=10.10.10.10

save and quit

And then restart CSF firewall using the below command:

root@server[#] csf -r

If you want to allow FTP access for only one ip on the server and denied for all other IPS

root@server[#] vi /etc/csf/csf.conf

Then search for the line:
# Allow incoming TCP ports
and the remove the ports : 21 and 22

also search for the line :

# Allow outgoing TCP ports
and remove the ports: 21 and 22

Save and quit

Then open the csf.allow file

root@server[#] vi /etc/csf/csf.allow
and add the entry as :

tcp:in:d=21:s=10.10.10.10

Save and Quit.

And then restart the CSF service

root@server[#] csf -r

Note: Replace the IP 10.10.10.10 with the Actual IP.

Advertisements

September 4, 2012 - Posted by | Uncategorized

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: