Block all IP Addresses CSF

If i remember correctly, csf already blocks all IPs. If you need to whitelist, there's /etc/csf.* to read. Also, the csf readme does shed some light.

 

The easiest way to block incoming and outgoing conections except of whitelisted IPs is to issue the following:

csf -d 0.0.0.0/0 "block all connections"

Be carefull and ensure that your IP is whitelisted

 

What is the reverse command of this command?

 

Most likely you were looking for the following command:

Code:

csf -dr 0.0.0.0/0

It`s true, that such commands are very dangerous and should not be applied blindly. The best thing is that CSF is dynamic firewall management software and supports temporary rules. So in this particular case we can also use the following syntax to block all in/out connections for 60 seconds:

Code:

# csf -td 0.0.0.0/0 60 -d inout "block all in/out connections for 60 seconds"
DROP  all opt -- in !lo out *  0.0.0.0/0  -> 0.0.0.0/0
DROP  all opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0
csf: 0.0.0.0/0 blocked on port * for 60 seconds in and outbound
# csf -t

A/D   IP address                               Port   Dir   Time To Live     Comment
DENY  0.0.0.0/0                                  *    inout 54s              block all in/out connections for 60 seconds

# csf -tr 0.0.0.0/0

 

There's an easy solution here.

make sure you csf -a $yourIP first, so you're whitelisted.

Then just remove all inbound allowed TCP ports from CSF config. Whitelisted IP's bypass closed ports. Restart csf, Problem solved.