ConfigServer Security & Firewall (CSF) is a popular firewall and security tool for Linux systems. A Stateful Packet Inspection (SPI) firewall uses iptables to filter traffic on your system. Here are the steps to install CSF on Debian 11:
Step 1. Before installing the ConfigServer Security & Firewall (CSF) software, ensure your system has all the latest updates.
[root@my ~]# apt update && apt upgradeStep 2. Install ConfigServer Security & Firewall (CSF) required dependencies by running the following command:
[root@my ~]# apt-get install sendmail dnsutils unzip libwww-perl libio-socket-ssl-perl libcrypt-ssleay-perl git perl iptables libnet-libidn-perl libio-socket-inet6-perl libsocket6-perl -y Step 3. Download the latest version of CSF from the official website:
[root@my ~]# wget https://download.configserver.com/csf.tgzStep 4. Extract the downloaded file:
[root@my ~]# tar -xzf csf.tgzStep 5. Change to the CSF directory:
[root@my ~]# cd csfStep 6. Install CSF by running the installation script:
[root@my ~]# sudo ./install.shNow you will receive the output “Installation Completed”, which indicates the successful installation.
Step 7. To check if everything works fine and if all the iptables modules are loaded, you can run the following command.
[root@my ~] perl /usr/local/csf/bin/csftest.plNow you will receive the output Below.
[root@my ~]# Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK
RESULT: csf should function on this serverNote: Make sure that you have sudo privileges or are logged in as the root user to perform these commands. Also, it’s important to test your firewall rules to ensure that they are working as expected.