CSF-LFD blocks nearly all open ports. It also blocks port 10000 which I need.

I can open the port via code similar to this:

cat << EOF >> /etc/csf/csf.conf

tcp|in|d=10000|s=aa.bb.cc.dd
EOF
service csf restart 

For newcomers who read this, note I picked tcp_in because my server is remote to anyone who connects into it, and that includes even myself.


My question:

Is it possible to open the port without mentioning any IP etcetera, and if so, why? I ask this as I want to make the process of opening the IP automatic, as part of a script I use to install my server environment, and so that people will have a particular answer on this that they could find in a Google search; I personally went through some articles and all I found dealt with opening the CSF-closed port only when an IP is attached to it.

1 Answer

As it seems, it can be changed via:

nano /etc/csf/csf.conf

There, search for "TCP_IN" (without quote marks) and add 10000 to

TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"

So it would be:

TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,10000"

Save and then restart the CSF service via service csf restart.


I also wanted to go pro and automate this process as part of a script, so I did:

sed -i 's/TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"/TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,10000"/g' /etc/csf/csf.conf

But in case you have yet to learn basic sed and basic Bash scripting, just use the first way of changing it manually (I would recommend learning basic sed and basic Bash scripting for newcomers, as it could save you much time in Unix work).

Alex Bogias
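The sed line in the answer above only matches while TCP_IN still holds that exact default list. The following is an added example (not part of the answer, and not code shipped with CSF) that appends a port to whatever list TCP_IN currently holds, skips the edit if the port is already there, and leaves TCP6_IN alone. The function name add_tcp_in_port is hypothetical, and the demo runs against a constructed temporary file rather than /etc/csf/csf.conf.

```shell
#!/bin/sh
# Added example. add_tcp_in_port is a hypothetical helper name, not part of CSF.
# Usage: add_tcp_in_port /etc/csf/csf.conf 10000   (then restart csf as above)

add_tcp_in_port() {
    conf=$1
    port=$2

    # Accept only a decimal port number in 1-65535.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 2
    fi

    # Refuse to edit a file that has no TCP_IN = "..." line.
    if ! grep -q '^TCP_IN[[:space:]]*=[[:space:]]*"' "$conf"; then
        echo "no TCP_IN line in $conf" >&2
        return 1
    fi

    # Current list, whatever it is (the first TCP_IN line only).
    current=$(sed -n 's/^TCP_IN[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$conf" | head -n 1)

    # Nothing to do if the port is already listed as its own entry.
    case ",$current," in
        *",$port,"*) return 0 ;;
    esac

    if [ -n "$current" ]; then new="$current,$port"; else new=$port; fi

    # Rewrite only the quoted list; csf.conf.bak keeps the previous version.
    sed -i.bak "s/^\(TCP_IN[[:space:]]*=[[:space:]]*\)\"[^\"]*\"/\1\"$new\"/" "$conf"
}

# Constructed sample file so the example runs without touching /etc/csf.
demo=$(mktemp)
printf '%s\n' 'TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"' \
              'TCP6_IN = "20,21,22,25,53,80"' > "$demo"
add_tcp_in_port "$demo" 10000
grep '^TCP' "$demo"
rm -f "$demo" "$demo.bak"
```

A port listed in TCP_IN accepts connections from every source address, unlike the per-IP rule in the question.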