Install Firewall Server Debian Wordpres ~ wanSoft

Sebelum memulai instalasi WordPress di Debian 10, kamu perlu meng-install firewall agar lebih aman. Gunakan perintah berikut untuk menginstal CSF (ConfigServer Security & Firewall) yang digunakan pada tutorial kali ini:

# cd /usr/src
root@debian:/usr/src# wget https://download.configserver.com/csf.tgz
--2021-12-10 08:18:35-- https://download.configserver.com/csf.tgz
Resolving download.configserver.com (download.configserver.com)... 94.130.90.175
Connecting to download.configserver.com (download.configserver.com)|94.130.90.175|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2282408 (2.2M) [application/x-gzip]
Saving to: 'csf.tgz'

csf.tgz 100%[==============>] 2.18M 1.71MB/s in 1.3s

2021-12-10 08:18:38 (1.71 MB/s) - 'csf.tgz' saved [2282408/2282408]

/usr/src# tar -xzf csf.tgz
root@debian:/usr/src# cd csf/
root@debian:/usr/src/csf# sh install.sh

Selecting installer...

Running csf generic installer

Installing generic csf and lfd

Check we're running as root

mkdir: created directory '/etc/csf'
'install.txt' -> '/etc/csf/install.txt'
Checking Perl modules...
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
   LANGUAGE = "en_US:en",
   LC_ALL = (unset),
   LC_TIME = "id_ID.UTF-8",
   LC_MONETARY = "id_ID.UTF-8",
   LC_ADDRESS = "id_ID.UTF-8",
   LC_TELEPHONE = "id_ID.UTF-8",
   LC_NAME = "id_ID.UTF-8",
   LC_MEASUREMENT = "id_ID.UTF-8",
   LC_IDENTIFICATION = "id_ID.UTF-8",
   LC_NUMERIC = "id_ID.UTF-8",
   LC_PAPER = "id_ID.UTF-8",
   LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
Configuration modified for Debian/Ubuntu/Gentoo settings /etc/csf/csf.conf
Configuration modified for Debian/Ubuntu/Gentoo to use legacy iptables/ip6tables
...Perl modules OK

mkdir: cannot create directory '/etc/csf': File exists
mkdir: created directory '/var/lib/csf'
mkdir: created directory '/var/lib/csf/backup'
mkdir: created directory '/var/lib/csf/Geo'
mkdir: created directory '/var/lib/csf/ui'
mkdir: created directory '/var/lib/csf/stats'
mkdir: created directory '/var/lib/csf/lock'
mkdir: created directory '/var/lib/csf/webmin'
mkdir: created directory '/var/lib/csf/zone'
mkdir: created directory '/usr/local/csf'
mkdir: created directory '/usr/local/csf/bin'
mkdir: created directory '/usr/local/csf/lib'
mkdir: created directory '/usr/local/csf/tpl'
'csf.generic.conf' -> '/etc/csf/csf.conf'
'csf.generic.allow' -> '/etc/csf/csf.allow'
'csf.deny' -> '/etc/csf/./csf.deny'
'csf.redirect' -> '/etc/csf/./csf.redirect'
'csf.resellers' -> '/etc/csf/./csf.resellers'
'csf.dirwatch' -> '/etc/csf/./csf.dirwatch'
'csf.syslogs' -> '/etc/csf/./csf.syslogs'
'csf.logfiles' -> '/etc/csf/./csf.logfiles'
'csf.logignore' -> '/etc/csf/./csf.logignore'
'csf.blocklists' -> '/etc/csf/./csf.blocklists'
'csf.generic.ignore' -> '/etc/csf/csf.ignore'
'csf.generic.pignore' -> '/etc/csf/csf.pignore'
'csf.rignore' -> '/etc/csf/./csf.rignore'
'csf.fignore' -> '/etc/csf/./csf.fignore'
'csf.signore' -> '/etc/csf/./csf.signore'
'csf.suignore' -> '/etc/csf/./csf.suignore'
'csf.uidignore' -> '/etc/csf/./csf.uidignore'
'csf.mignore' -> '/etc/csf/./csf.mignore'
'csf.sips' -> '/etc/csf/./csf.sips'
'csf.dyndns' -> '/etc/csf/./csf.dyndns'
'csf.syslogusers' -> '/etc/csf/./csf.syslogusers'
'csf.smtpauth' -> '/etc/csf/./csf.smtpauth'
'csf.rblconf' -> '/etc/csf/./csf.rblconf'
'csf.cloudflare' -> '/etc/csf/./csf.cloudflare'
'alert.txt' -> '/usr/local/csf/tpl/./alert.txt'
'reselleralert.txt' -> '/usr/local/csf/tpl/./reselleralert.txt'
'logalert.txt' -> '/usr/local/csf/tpl/./logalert.txt'
'logfloodalert.txt' -> '/usr/local/csf/tpl/./logfloodalert.txt'
'syslogalert.txt' -> '/usr/local/csf/tpl/./syslogalert.txt'
'integrityalert.txt' -> '/usr/local/csf/tpl/./integrityalert.txt'
'exploitalert.txt' -> '/usr/local/csf/tpl/./exploitalert.txt'
'queuealert.txt' -> '/usr/local/csf/tpl/./queuealert.txt'
'modsecipdbalert.txt' -> '/usr/local/csf/tpl/./modsecipdbalert.txt'
'tracking.txt' -> '/usr/local/csf/tpl/./tracking.txt'
'connectiontracking.txt' -> '/usr/local/csf/tpl/./connectiontracking.txt'
'processtracking.txt' -> '/usr/local/csf/tpl/./processtracking.txt'
'accounttracking.txt' -> '/usr/local/csf/tpl/./accounttracking.txt'
'usertracking.txt' -> '/usr/local/csf/tpl/./usertracking.txt'
'sshalert.txt' -> '/usr/local/csf/tpl/./sshalert.txt'
'webminalert.txt' -> '/usr/local/csf/tpl/./webminalert.txt'
'sualert.txt' -> '/usr/local/csf/tpl/./sualert.txt'
'sudoalert.txt' -> '/usr/local/csf/tpl/./sudoalert.txt'
'consolealert.txt' -> '/usr/local/csf/tpl/./consolealert.txt'
'uialert.txt' -> '/usr/local/csf/tpl/./uialert.txt'
'cpanelalert.txt' -> '/usr/local/csf/tpl/./cpanelalert.txt'
'scriptalert.txt' -> '/usr/local/csf/tpl/./scriptalert.txt'
'relayalert.txt' -> '/usr/local/csf/tpl/./relayalert.txt'
'filealert.txt' -> '/usr/local/csf/tpl/./filealert.txt'
'watchalert.txt' -> '/usr/local/csf/tpl/./watchalert.txt'
'loadalert.txt' -> '/usr/local/csf/tpl/./loadalert.txt'
'resalert.txt' -> '/usr/local/csf/tpl/./resalert.txt'
'portscan.txt' -> '/usr/local/csf/tpl/./portscan.txt'
'uidscan.txt' -> '/usr/local/csf/tpl/./uidscan.txt'
'permblock.txt' -> '/usr/local/csf/tpl/./permblock.txt'
'netblock.txt' -> '/usr/local/csf/tpl/./netblock.txt'
'portknocking.txt' -> '/usr/local/csf/tpl/./portknocking.txt'
'forkbombalert.txt' -> '/usr/local/csf/tpl/./forkbombalert.txt'
'recaptcha.txt' -> '/usr/local/csf/tpl/./recaptcha.txt'
'apache.main.txt' -> '/usr/local/csf/tpl/./apache.main.txt'
'apache.http.txt' -> '/usr/local/csf/tpl/./apache.http.txt'
'apache.https.txt' -> '/usr/local/csf/tpl/./apache.https.txt'
'litespeed.main.txt' -> '/usr/local/csf/tpl/./litespeed.main.txt'
'litespeed.http.txt' -> '/usr/local/csf/tpl/./litespeed.http.txt'
'litespeed.https.txt' -> '/usr/local/csf/tpl/./litespeed.https.txt'
'x-arf.txt' -> '/usr/local/csf/tpl/./x-arf.txt'
'regex.custom.pm' -> '/usr/local/csf/bin/./regex.custom.pm'
'pt_deleted_action.pl' -> '/usr/local/csf/bin/./pt_deleted_action.pl'
'messenger' -> '/etc/csf/./messenger'
'messenger/en.php' -> '/etc/csf/./messenger/en.php'
'messenger/index.html' -> '/etc/csf/./messenger/index.html'
'messenger/index.php' -> '/etc/csf/./messenger/index.php'
'messenger/index.recaptcha.html' -> '/etc/csf/./messenger/index.recaptcha.html'
'messenger/index.recaptcha.php' -> '/etc/csf/./messenger/index.recaptcha.php'
'messenger/index.text' -> '/etc/csf/./messenger/index.text'
'ui' -> '/etc/csf/./ui'
'ui/images' -> '/etc/csf/./ui/images'
'ui/images/admin_icon.svg' -> '/etc/csf/./ui/images/admin_icon.svg'
'ui/images/bootstrap' -> '/etc/csf/./ui/images/bootstrap'
'ui/images/bootstrap/css' -> '/etc/csf/./ui/images/bootstrap/css'
'ui/images/bootstrap/css/bootstrap.min.css' -> '/etc/csf/./ui/images/bootstrap/css/bootstrap.min.css'
'ui/images/bootstrap/css/bootstrap.min.css.map' -> '/etc/csf/./ui/images/bootstrap/css/bootstrap.min.css.map'
'ui/images/bootstrap/fonts' -> '/etc/csf/./ui/images/bootstrap/fonts'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.eot' -> '/etc/csf/./ui/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.svg' -> '/etc/csf/./ui/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> '/etc/csf/./ui/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff' -> '/etc/csf/./ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> '/etc/csf/./ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'ui/images/bootstrap/js' -> '/etc/csf/./ui/images/bootstrap/js'
'ui/images/bootstrap/js/bootstrap.min.js' -> '/etc/csf/./ui/images/bootstrap/js/bootstrap.min.js'
'ui/images/bootstrap-chosen.css' -> '/etc/csf/./ui/images/bootstrap-chosen.css'
'ui/images/chosen.min.css' -> '/etc/csf/./ui/images/chosen.min.css'
'ui/images/chosen.min.js' -> '/etc/csf/./ui/images/chosen.min.js'
'ui/images/chosen-sprite@2x.png' -> '/etc/csf/./ui/images/chosen-sprite@2x.png'
'ui/images/chosen-sprite.png' -> '/etc/csf/./ui/images/chosen-sprite.png'
'ui/images/configserver.css' -> '/etc/csf/./ui/images/configserver.css'
'ui/images/csf-loader.gif' -> '/etc/csf/./ui/images/csf-loader.gif'
'ui/images/csf_small.png' -> '/etc/csf/./ui/images/csf_small.png'
'ui/images/csf.svg' -> '/etc/csf/./ui/images/csf.svg'
'ui/images/jquery.min.js' -> '/etc/csf/./ui/images/jquery.min.js'
'ui/images/LICENSE.txt' -> '/etc/csf/./ui/images/LICENSE.txt'
'ui/images/loader.gif' -> '/etc/csf/./ui/images/loader.gif'
'ui/images/reseller_icon.svg' -> '/etc/csf/./ui/images/reseller_icon.svg'
'ui/server.crt' -> '/etc/csf/./ui/server.crt'
'ui/server.key' -> '/etc/csf/./ui/server.key'
'ui/ui.allow' -> '/etc/csf/./ui/ui.allow'
'ui/ui.ban' -> '/etc/csf/./ui/ui.ban'
'csfcron.sh' -> '/etc/cron.d/csf-cron'
'lfdcron.sh' -> '/etc/cron.d/lfd-cron'
'csf.pl' -> '/usr/sbin/csf'
'lfd.pl' -> '/usr/sbin/lfd'
'/etc/csf/csf.pl' -> '/usr/sbin/csf'
'/etc/csf/lfd.pl' -> '/usr/sbin/lfd'
'/etc/csf/csftest.pl' -> '/usr/local/csf/bin/csftest.pl'
'/etc/csf/pt_deleted_action.pl' -> '/usr/local/csf/bin/pt_deleted_action.pl'
'/etc/csf/remove_apf_bfd.sh' -> '/usr/local/csf/bin/remove_apf_bfd.sh'
'/etc/csf/uninstall.sh' -> '/usr/local/csf/bin/uninstall.sh'
'/etc/csf/regex.custom.pm' -> '/usr/local/csf/bin/regex.custom.pm'
'/etc/csf/webmin' -> '/usr/local/csf/lib/webmin'
'/etc/csf/alerts' -> '/usr/local/csf/tpl'
chcon: invalid context: 'system_u:object_r:bin_t:s0': No such file or directory
chcon: invalid context: 'system_u:object_r:bin_t:s0': No such file or directory
mkdir: cannot create directory 'webmin/csf/images': File exists
mkdir: cannot create directory 'ui/images': File exists
mkdir: cannot create directory 'da/images': File exists
mkdir: cannot create directory 'interworx/images': File exists
'csf/LICENSE.txt' -> 'webmin/csf/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'webmin/csf/images/admin_icon.svg'
'csf/bootstrap/css/bootstrap.min.css' -> 'webmin/csf/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'webmin/csf/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/js/bootstrap.min.js' -> 'webmin/csf/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'webmin/csf/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'webmin/csf/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'webmin/csf/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'webmin/csf/images/chosen.min.css'
'csf/chosen.min.js' -> 'webmin/csf/images/chosen.min.js'
'csf/configserver.css' -> 'webmin/csf/images/configserver.css'
'csf/csf-loader.gif' -> 'webmin/csf/images/csf-loader.gif'
'csf/csf.svg' -> 'webmin/csf/images/csf.svg'
'csf/csf_small.png' -> 'webmin/csf/images/csf_small.png'
'csf/jquery.min.js' -> 'webmin/csf/images/jquery.min.js'
'csf/loader.gif' -> 'webmin/csf/images/loader.gif'
'csf/reseller_icon.svg' -> 'webmin/csf/images/reseller_icon.svg'
'csf/LICENSE.txt' -> 'ui/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'ui/images/admin_icon.svg'
'csf/bootstrap/css/bootstrap.min.css' -> 'ui/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'ui/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/js/bootstrap.min.js' -> 'ui/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'ui/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'ui/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'ui/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'ui/images/chosen.min.css'
'csf/chosen.min.js' -> 'ui/images/chosen.min.js'
'csf/configserver.css' -> 'ui/images/configserver.css'
'csf/csf-loader.gif' -> 'ui/images/csf-loader.gif'
'csf/csf.svg' -> 'ui/images/csf.svg'
'csf/csf_small.png' -> 'ui/images/csf_small.png'
'csf/jquery.min.js' -> 'ui/images/jquery.min.js'
'csf/loader.gif' -> 'ui/images/loader.gif'
'csf/reseller_icon.svg' -> 'ui/images/reseller_icon.svg'
'csf/LICENSE.txt' -> 'da/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'da/images/admin_icon.svg'
'csf/bootstrap/css/bootstrap.min.css' -> 'da/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'da/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'da/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/js/bootstrap.min.js' -> 'da/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'da/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'da/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'da/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'da/images/chosen.min.css'
'csf/chosen.min.js' -> 'da/images/chosen.min.js'
'csf/configserver.css' -> 'da/images/configserver.css'
'csf/csf-loader.gif' -> 'da/images/csf-loader.gif'
'csf/csf.svg' -> 'da/images/csf.svg'
'csf/csf_small.png' -> 'da/images/csf_small.png'
'csf/jquery.min.js' -> 'da/images/jquery.min.js'
'csf/loader.gif' -> 'da/images/loader.gif'
'csf/reseller_icon.svg' -> 'da/images/reseller_icon.svg'
'csf/LICENSE.txt' -> 'interworx/images/LICENSE.txt'
'csf/admin_icon.svg' -> 'interworx/images/admin_icon.svg'
'csf/bootstrap/css/bootstrap.min.css' -> 'interworx/images/bootstrap/css/bootstrap.min.css'
'csf/bootstrap/css/bootstrap.min.css.map' -> 'interworx/images/bootstrap/css/bootstrap.min.css.map'
'csf/bootstrap/fonts/glyphicons-halflings-regular.eot' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'csf/bootstrap/fonts/glyphicons-halflings-regular.svg' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'csf/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'csf/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> 'interworx/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'csf/bootstrap/js/bootstrap.min.js' -> 'interworx/images/bootstrap/js/bootstrap.min.js'
'csf/bootstrap-chosen.css' -> 'interworx/images/bootstrap-chosen.css'
'csf/chosen-sprite.png' -> 'interworx/images/chosen-sprite.png'
'csf/chosen-sprite@2x.png' -> 'interworx/images/chosen-sprite@2x.png'
'csf/chosen.min.css' -> 'interworx/images/chosen.min.css'
'csf/chosen.min.js' -> 'interworx/images/chosen.min.js'
'csf/configserver.css' -> 'interworx/images/configserver.css'
'csf/csf-loader.gif' -> 'interworx/images/csf-loader.gif'
'csf/csf.svg' -> 'interworx/images/csf.svg'
'csf/csf_small.png' -> 'interworx/images/csf_small.png'
'csf/jquery.min.js' -> 'interworx/images/jquery.min.js'
'csf/loader.gif' -> 'interworx/images/loader.gif'
'csf/reseller_icon.svg' -> 'interworx/images/reseller_icon.svg'
'messenger/en.php' -> '/etc/csf/messenger/en.php'
'messenger/index.php' -> '/etc/csf/messenger/index.php'
'messenger/index.recaptcha.php' -> '/etc/csf/messenger/index.recaptcha.php'
'uninstall.generic.sh' -> '/usr/local/csf/bin/uninstall.sh'
'csftest.pl' -> '/usr/local/csf/bin/csftest.pl'
'remove_apf_bfd.sh' -> '/usr/local/csf/bin/remove_apf_bfd.sh'
'readme.txt' -> '/etc/csf/readme.txt'
'sanity.txt' -> '/usr/local/csf/lib/sanity.txt'
'csf.rbls' -> '/usr/local/csf/lib/csf.rbls'
'restricted.txt' -> '/usr/local/csf/lib/restricted.txt'
'changelog.txt' -> '/etc/csf/changelog.txt'
'downloadservers' -> '/etc/csf/downloadservers'
'install.txt' -> '/etc/csf/install.txt'
'version.txt' -> '/etc/csf/version.txt'
'license.txt' -> '/etc/csf/license.txt'
'webmin' -> '/usr/local/csf/lib/webmin'
'webmin/csf' -> '/usr/local/csf/lib/webmin/csf'
'webmin/csf/images' -> '/usr/local/csf/lib/webmin/csf/images'
'webmin/csf/images/admin_icon.svg' -> '/usr/local/csf/lib/webmin/csf/images/admin_icon.svg'
'webmin/csf/images/bootstrap' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap'
'webmin/csf/images/bootstrap/css' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/css'
'webmin/csf/images/bootstrap/css/bootstrap.min.css' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/css/bootstrap.min.css'
'webmin/csf/images/bootstrap/css/bootstrap.min.css.map' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/css/bootstrap.min.css.map'
'webmin/csf/images/bootstrap/fonts' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.eot' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.svg' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'webmin/csf/images/bootstrap/js' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/js'
'webmin/csf/images/bootstrap/js/bootstrap.min.js' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap/js/bootstrap.min.js'
'webmin/csf/images/bootstrap-chosen.css' -> '/usr/local/csf/lib/webmin/csf/images/bootstrap-chosen.css'
'webmin/csf/images/chosen.min.css' -> '/usr/local/csf/lib/webmin/csf/images/chosen.min.css'
'webmin/csf/images/chosen.min.js' -> '/usr/local/csf/lib/webmin/csf/images/chosen.min.js'
'webmin/csf/images/chosen-sprite@2x.png' -> '/usr/local/csf/lib/webmin/csf/images/chosen-sprite@2x.png'
'webmin/csf/images/chosen-sprite.png' -> '/usr/local/csf/lib/webmin/csf/images/chosen-sprite.png'
'webmin/csf/images/configserver.css' -> '/usr/local/csf/lib/webmin/csf/images/configserver.css'
'webmin/csf/images/csf-loader.gif' -> '/usr/local/csf/lib/webmin/csf/images/csf-loader.gif'
'webmin/csf/images/csf_small.png' -> '/usr/local/csf/lib/webmin/csf/images/csf_small.png'
'webmin/csf/images/csf.svg' -> '/usr/local/csf/lib/webmin/csf/images/csf.svg'
'webmin/csf/images/jquery.min.js' -> '/usr/local/csf/lib/webmin/csf/images/jquery.min.js'
'webmin/csf/images/LICENSE.txt' -> '/usr/local/csf/lib/webmin/csf/images/LICENSE.txt'
'webmin/csf/images/loader.gif' -> '/usr/local/csf/lib/webmin/csf/images/loader.gif'
'webmin/csf/images/reseller_icon.svg' -> '/usr/local/csf/lib/webmin/csf/images/reseller_icon.svg'
'webmin/csf/index.cgi' -> '/usr/local/csf/lib/webmin/csf/index.cgi'
'webmin/csf/module.info' -> '/usr/local/csf/lib/webmin/csf/module.info'
'ConfigServer' -> '/usr/local/csf/lib/ConfigServer'
'ConfigServer/AbuseIP.pm' -> '/usr/local/csf/lib/ConfigServer/AbuseIP.pm'
'ConfigServer/CheckIP.pm' -> '/usr/local/csf/lib/ConfigServer/CheckIP.pm'
'ConfigServer/CloudFlare.pm' -> '/usr/local/csf/lib/ConfigServer/CloudFlare.pm'
'ConfigServer/Config.pm' -> '/usr/local/csf/lib/ConfigServer/Config.pm'
'ConfigServer/cseUI.pm' -> '/usr/local/csf/lib/ConfigServer/cseUI.pm'
'ConfigServer/DisplayResellerUI.pm' -> '/usr/local/csf/lib/ConfigServer/DisplayResellerUI.pm'
'ConfigServer/DisplayUI.pm' -> '/usr/local/csf/lib/ConfigServer/DisplayUI.pm'
'ConfigServer/GetEthDev.pm' -> '/usr/local/csf/lib/ConfigServer/GetEthDev.pm'
'ConfigServer/GetIPs.pm' -> '/usr/local/csf/lib/ConfigServer/GetIPs.pm'
'ConfigServer/KillSSH.pm' -> '/usr/local/csf/lib/ConfigServer/KillSSH.pm'
'ConfigServer/Logger.pm' -> '/usr/local/csf/lib/ConfigServer/Logger.pm'
'ConfigServer/LookUpIP.pm' -> '/usr/local/csf/lib/ConfigServer/LookUpIP.pm'
'ConfigServer/Messenger.pm' -> '/usr/local/csf/lib/ConfigServer/Messenger.pm'
'ConfigServer/Ports.pm' -> '/usr/local/csf/lib/ConfigServer/Ports.pm'
'ConfigServer/RBLCheck.pm' -> '/usr/local/csf/lib/ConfigServer/RBLCheck.pm'
'ConfigServer/RBLLookup.pm' -> '/usr/local/csf/lib/ConfigServer/RBLLookup.pm'
'ConfigServer/RegexMain.pm' -> '/usr/local/csf/lib/ConfigServer/RegexMain.pm'
'ConfigServer/Sanity.pm' -> '/usr/local/csf/lib/ConfigServer/Sanity.pm'
'ConfigServer/Sendmail.pm' -> '/usr/local/csf/lib/ConfigServer/Sendmail.pm'
'ConfigServer/ServerCheck.pm' -> '/usr/local/csf/lib/ConfigServer/ServerCheck.pm'
'ConfigServer/ServerStats.pm' -> '/usr/local/csf/lib/ConfigServer/ServerStats.pm'
'ConfigServer/Service.pm' -> '/usr/local/csf/lib/ConfigServer/Service.pm'
'ConfigServer/Slurp.pm' -> '/usr/local/csf/lib/ConfigServer/Slurp.pm'
'ConfigServer/URLGet.pm' -> '/usr/local/csf/lib/ConfigServer/URLGet.pm'
'Net' -> '/usr/local/csf/lib/Net'
'Net/CIDR' -> '/usr/local/csf/lib/Net/CIDR'
'Net/CIDR/Lite.pm' -> '/usr/local/csf/lib/Net/CIDR/Lite.pm'
'Net/IP.pm' -> '/usr/local/csf/lib/Net/IP.pm'
cp: cannot stat 'Geo': No such file or directory
'Crypt' -> '/usr/local/csf/lib/Crypt'
'Crypt/Blowfish_PP.pm' -> '/usr/local/csf/lib/Crypt/Blowfish_PP.pm'
'Crypt/CBC.pm' -> '/usr/local/csf/lib/Crypt/CBC.pm'
'HTTP' -> '/usr/local/csf/lib/HTTP'
'HTTP/Tiny.pm' -> '/usr/local/csf/lib/HTTP/Tiny.pm'
'JSON' -> '/usr/local/csf/lib/JSON'
'JSON/Tiny.pm' -> '/usr/local/csf/lib/JSON/Tiny.pm'
'version/version' -> '/usr/local/csf/lib/version'
'version/version/regex.pm' -> '/usr/local/csf/lib/version/regex.pm'
'version/version/vpp.pm' -> '/usr/local/csf/lib/version/vpp.pm'
'version/version.pm' -> '/usr/local/csf/lib/version.pm'
'csf.div' -> '/usr/local/csf/lib/csf.div'
'csfajaxtail.js' -> '/usr/local/csf/lib/csfajaxtail.js'
'ui/images/admin_icon.svg' -> '/etc/csf/ui/./images/admin_icon.svg'
'ui/images/bootstrap/css/bootstrap.min.css' -> '/etc/csf/ui/./images/bootstrap/css/bootstrap.min.css'
'ui/images/bootstrap/css/bootstrap.min.css.map' -> '/etc/csf/ui/./images/bootstrap/css/bootstrap.min.css.map'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.eot' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.eot'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.svg' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.svg'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.ttf' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.ttf'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.woff'
'ui/images/bootstrap/fonts/glyphicons-halflings-regular.woff2' -> '/etc/csf/ui/./images/bootstrap/fonts/glyphicons-halflings-regular.woff2'
'ui/images/bootstrap/js/bootstrap.min.js' -> '/etc/csf/ui/./images/bootstrap/js/bootstrap.min.js'
'ui/images/bootstrap-chosen.css' -> '/etc/csf/ui/./images/bootstrap-chosen.css'
'ui/images/chosen.min.css' -> '/etc/csf/ui/./images/chosen.min.css'
'ui/images/chosen.min.js' -> '/etc/csf/ui/./images/chosen.min.js'
'ui/images/chosen-sprite@2x.png' -> '/etc/csf/ui/./images/chosen-sprite@2x.png'
'ui/images/chosen-sprite.png' -> '/etc/csf/ui/./images/chosen-sprite.png'
'ui/images/configserver.css' -> '/etc/csf/ui/./images/configserver.css'
'ui/images/csf-loader.gif' -> '/etc/csf/ui/./images/csf-loader.gif'
'ui/images/csf_small.png' -> '/etc/csf/ui/./images/csf_small.png'
'ui/images/csf.svg' -> '/etc/csf/ui/./images/csf.svg'
'ui/images/jquery.min.js' -> '/etc/csf/ui/./images/jquery.min.js'
'ui/images/LICENSE.txt' -> '/etc/csf/ui/./images/LICENSE.txt'
'ui/images/loader.gif' -> '/etc/csf/ui/./images/loader.gif'
'ui/images/reseller_icon.svg' -> '/etc/csf/ui/./images/reseller_icon.svg'
'profiles' -> '/usr/local/csf/profiles'
'profiles/block_all_perm.conf' -> '/usr/local/csf/profiles/block_all_perm.conf'
'profiles/block_all_temp.conf' -> '/usr/local/csf/profiles/block_all_temp.conf'
'profiles/disable_alerts.conf' -> '/usr/local/csf/profiles/disable_alerts.conf'
'profiles/protection_high.conf' -> '/usr/local/csf/profiles/protection_high.conf'
'profiles/protection_low.conf' -> '/usr/local/csf/profiles/protection_low.conf'
'profiles/protection_medium.conf' -> '/usr/local/csf/profiles/protection_medium.conf'
'csf.conf' -> '/usr/local/csf/profiles/reset_to_defaults.conf'
'lfd.logrotate' -> '/etc/logrotate.d/lfd'
chcon: failed to get security context of '/etc/logrotate.d': No data available
'csf.1.txt' -> '/usr/local/man/man1/csf.1'
'csf.help' -> '/usr/local/csf/lib/csf.help'
chmod: cannot access '/var/log/lfd.log*': No such file or directory
mode of '/usr/local/csf/bin/csftest.pl' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/pt_deleted_action.pl' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/remove_apf_bfd.sh' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/uninstall.sh' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/usr/local/csf/bin/regex.custom.pm' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/etc/csf/csf.pl' retained as 0700 (rwx------)
mode of '/etc/csf/csftest.pl' retained as 0700 (rwx------)
mode of '/etc/csf/lfd.pl' retained as 0700 (rwx------)
mode of '/etc/csf/pt_deleted_action.pl' retained as 0700 (rwx------)
chmod: cannot access '/etc/csf/*.cgi': No such file or directory
failed to change mode of '/etc/csf/*.cgi' from 0700 (rwx------) to 0700 (rwx------)
mode of '/etc/csf/remove_apf_bfd.sh' retained as 0700 (rwx------)
mode of '/etc/csf/uninstall.sh' retained as 0700 (rwx------)
chmod: cannot access '/etc/csf/*.php': No such file or directory
failed to change mode of '/etc/csf/*.php' from 0700 (rwx------) to 0700 (rwx------)
chmod: cannot access '/etc/csf/*.py': No such file or directory
failed to change mode of '/etc/csf/*.py' from 0700 (rwx------) to 0700 (rwx------)
mode of '/etc/csf/webmin/csf/index.cgi' changed from 0600 (rw-------) to 0700 (rwx------)
mode of '/etc/cron.d/lfd-cron' changed from 0755 (rwxr-xr-x) to 0644 (rw-r--r--)
mode of '/etc/cron.d/csf-cron' changed from 0755 (rwxr-xr-x) to 0644 (rw-r--r--)
'csget.pl' -> '/etc/cron.daily/csget'
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
   LANGUAGE = "en_US:en",
   LC_ALL = (unset),
   LC_TIME = "id_ID.UTF-8",
   LC_MONETARY = "id_ID.UTF-8",
   LC_ADDRESS = "id_ID.UTF-8",
   LC_TELEPHONE = "id_ID.UTF-8",
   LC_NAME = "id_ID.UTF-8",
   LC_MEASUREMENT = "id_ID.UTF-8",
   LC_IDENTIFICATION = "id_ID.UTF-8",
   LC_NUMERIC = "id_ID.UTF-8",
   LC_PAPER = "id_ID.UTF-8",
   LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
mode of 'auto.generic.pl' changed from 0755 (rwxr-xr-x) to 0700 (rwx------)
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
   LANGUAGE = "en_US:en",
   LC_ALL = (unset),
   LC_TIME = "id_ID.UTF-8",
   LC_MONETARY = "id_ID.UTF-8",
   LC_ADDRESS = "id_ID.UTF-8",
   LC_TELEPHONE = "id_ID.UTF-8",
   LC_NAME = "id_ID.UTF-8",
   LC_MEASUREMENT = "id_ID.UTF-8",
   LC_IDENTIFICATION = "id_ID.UTF-8",
   LC_NUMERIC = "id_ID.UTF-8",
   LC_PAPER = "id_ID.UTF-8",
   LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
'/etc/csf/csf.conf' -> '/var/lib/csf/backup/1639095612_pre_v14_15_upgrade'

*** IPV6 Enabled

*** IPV6_SPI set to 1

TCP ports currently listening for incoming connections:

UDP ports currently listening for incoming connections:

Note: The port details above are for information only, csf hasn't been auto-configured.

Don't forget to:
1. Configure the following options in the csf configuration to suite your server: TCP_*, UDP_*
2. Restart csf and lfd
3. Set TESTING to 0 once you're happy with the firewall, lfd will not run until you do so

Adding current SSH session IP address to the csf whitelist in csf.allow:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
   LANGUAGE = "en_US:en",
   LC_ALL = (unset),
   LC_TIME = "id_ID.UTF-8",
   LC_MONETARY = "id_ID.UTF-8",
   LC_ADDRESS = "id_ID.UTF-8",
   LC_TELEPHONE = "id_ID.UTF-8",
   LC_NAME = "id_ID.UTF-8",
   LC_MEASUREMENT = "id_ID.UTF-8",
   LC_IDENTIFICATION = "id_ID.UTF-8",
   LC_NUMERIC = "id_ID.UTF-8",
   LC_PAPER = "id_ID.UTF-8",
   LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
Adding 192.168.100.7 to csf.allow only while in TESTING mode (not iptables ACCEPT)
*WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
'lfd.service' -> '/usr/lib/systemd/system/lfd.service'
'csf.service' -> '/usr/lib/systemd/system/csf.service'
chcon: invalid context: 'system_u:object_r:systemd_unit_file_t:s0': No such file or directory
chcon: invalid context: 'system_u:object_r:systemd_unit_file_t:s0': No such file or directory
Created symlink /etc/systemd/system/multi-user.target.wants/csf.service → /lib/systemd/system/csf.service.
Created symlink /etc/systemd/system/multi-user.target.wants/lfd.service → /lib/systemd/system/lfd.service.
Failed to disable unit: Unit file firewalld.service does not exist.
Failed to stop firewalld.service: Unit firewalld.service not loaded.
Unit firewalld.service does not exist, proceeding anyway.
Created symlink /etc/systemd/system/firewalld.service → /dev/null.
'/etc/csf/csfwebmin.tgz' -> '/usr/local/csf/csfwebmin.tgz'

Installation Completed

Ada sedikit perbedaan instalasi pada Debian 10, ikuti perintah di bawah ini.

Install packages libwww:

root@debian:/usr/src/csf# apt-get install libwww-perl -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
libwww-perl is already the newest version (6.36-2).
libwww-perl set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@debian:/usr/src/csf# perl /usr/local/csf/bin/csftest.pl
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
   LANGUAGE = "en_US:en",
   LC_ALL = (unset),
   LC_ADDRESS = "id_ID.UTF-8",
   LC_NAME = "id_ID.UTF-8",
   LC_MONETARY = "id_ID.UTF-8",
   LC_PAPER = "id_ID.UTF-8",
   LC_IDENTIFICATION = "id_ID.UTF-8",
   LC_TELEPHONE = "id_ID.UTF-8",
   LC_MEASUREMENT = "id_ID.UTF-8",
   LC_TIME = "id_ID.UTF-8",
   LC_NUMERIC = "id_ID.UTF-8",
   LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server

Nonaktifkan firewalld dengan:

root@debian:/usr/src/csf# systemctl stop firewalld
root@debian:/usr/src/csf# systemctl disable firewalld
Unit /etc/systemd/system/firewalld.service is masked, ignoring.

Ubah “make TESTING=’1’ menjadi 0” di konfigurasi CSF.

root@debian:/usr/src/csf# nano /etc/csf/csf.conf

Restart dan tes CSF:

root@debian:/usr/src/csf# systemctl restart {csf,lfd}
root@debian:/usr/src/csf# systemctl enable {csf,lfd}
root@debian:/usr/src/csf# systemctl is-active {csf,lfd}
active
active

Kemudian restart CSF agar dapat me-reload hasil konfigurasi yang sudah diperbarui.

root@debian:/usr/src/csf# csf -r
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
   LANGUAGE = "en_US:en",
   LC_ALL = (unset),
   LC_ADDRESS = "id_ID.UTF-8",
   LC_NAME = "id_ID.UTF-8",
   LC_MONETARY = "id_ID.UTF-8",
   LC_PAPER = "id_ID.UTF-8",
   LC_IDENTIFICATION = "id_ID.UTF-8",
   LC_TELEPHONE = "id_ID.UTF-8",
   LC_MEASUREMENT = "id_ID.UTF-8",
   LC_TIME = "id_ID.UTF-8",
   LC_NUMERIC = "id_ID.UTF-8",
   LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("en_US.UTF-8").
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `ALLOWIN'
Flushing chain `ALLOWOUT'
Flushing chain `DENYIN'
Flushing chain `DENYOUT'
Flushing chain `INVALID'
Flushing chain `INVDROP'
Flushing chain `LOCALINPUT'
Flushing chain `LOCALOUTPUT'
Flushing chain `LOGDROPIN'
Flushing chain `LOGDROPOUT'
Deleting chain `ALLOWIN'
Deleting chain `ALLOWOUT'
Deleting chain `DENYIN'
Deleting chain `DENYOUT'
Deleting chain `INVALID'
Deleting chain `INVDROP'
Deleting chain `LOCALINPUT'
Deleting chain `LOCALOUTPUT'
Deleting chain `LOGDROPIN'
Deleting chain `LOGDROPOUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `ALLOWIN'
Flushing chain `ALLOWOUT'
Flushing chain `DENYIN'
Flushing chain `DENYOUT'
Flushing chain `INVALID'
Flushing chain `INVDROP'
Flushing chain `LOCALINPUT'
Flushing chain `LOCALOUTPUT'
Flushing chain `LOGDROPIN'
Flushing chain `LOGDROPOUT'
Deleting chain `ALLOWIN'
Deleting chain `ALLOWOUT'
Deleting chain `DENYIN'
Deleting chain `DENYOUT'
Deleting chain `INVALID'
Deleting chain `INVDROP'
Deleting chain `LOCALINPUT'
Deleting chain `LOCALOUTPUT'
Deleting chain `LOGDROPIN'
Deleting chain `LOGDROPOUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
csf: FASTSTART loading DROP no logging (IPv4)
csf: FASTSTART loading DROP no logging (IPv6)
LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0   limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP_IN Blocked* "
LOG tcp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0   tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP_OUT Blocked* "
LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0   limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP_IN Blocked* "
LOG udp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0   limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP_OUT Blocked* "
LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0   limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP_IN Blocked* "
LOG icmp opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0   limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP_OUT Blocked* "
LOG tcp opt    in * out * ::/0 -> ::/0   limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP6IN Blocked* "
LOG tcp opt    in * out * ::/0 -> ::/0   tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP6OUT Blocked* "
LOG udp opt    in * out * ::/0 -> ::/0   limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP6IN Blocked* "
LOG udp opt    in * out * ::/0 -> ::/0   limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP6OUT Blocked* "
LOG icmpv6 opt    in * out * ::/0 -> ::/0   limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP6IN Blocked* "
LOG icmpv6 opt    in * out * ::/0 -> ::/0   limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP6OUT Blocked* "
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
REJECT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0   reject-with icmp-port-unreachable
DROP all opt    in * out * ::/0 -> ::/0
REJECT all opt    in * out * ::/0 -> ::/0   reject-with icmp6-port-unreachable
DENYOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
DENYIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ALLOWOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
ALLOWIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
DENYOUT all opt    in * out !lo ::/0 -> ::/0
DENYIN all opt    in !lo out * ::/0 -> ::/0
ALLOWOUT all opt    in * out !lo ::/0 -> ::/0
ALLOWIN all opt    in !lo out * ::/0 -> ::/0
csf: FASTSTART loading Packet Filter (IPv4)
csf: FASTSTART loading Packet Filter (IPv6)
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
INVALID tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
INVALID tcp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
DROP all opt    in * out * ::/0 -> ::/0
INVALID tcp opt    in !lo out * ::/0 -> ::/0
INVALID tcp opt    in * out !lo ::/0 -> ::/0
csf: FASTSTART loading csf.allow (IPv4)
ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0   icmptype 8 limit: avg 1/sec burst 5
LOGDROPIN icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0   icmptype 8
ACCEPT icmp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT icmp opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT icmpv6 opt    in !lo out * ::/0 -> ::/0
ACCEPT icmpv6 opt    in * out !lo ::/0 -> ::/0
ACCEPT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0   ctstate RELATED,ESTABLISHED
ACCEPT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0   ctstate RELATED,ESTABLISHED
ACCEPT all opt    in !lo out * ::/0 -> ::/0   ctstate RELATED,ESTABLISHED
ACCEPT all opt    in * out !lo ::/0 -> ::/0   ctstate RELATED,ESTABLISHED
csf: FASTSTART loading TCP_IN (IPv4)
csf: FASTSTART loading TCP6_IN (IPv6)
csf: FASTSTART loading TCP_OUT (IPv4)
csf: FASTSTART loading TCP6_OUT (IPv6)
csf: FASTSTART loading UDP_IN (IPv4)
csf: FASTSTART loading UDP6_IN (IPv6)
csf: FASTSTART loading UDP_OUT (IPv4)
csf: FASTSTART loading UDP6_OUT (IPv6)
ACCEPT all opt -- in lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in * out lo 0.0.0.0/0 -> 0.0.0.0/0
LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
LOGDROPIN all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt    in lo out * ::/0 -> ::/0
ACCEPT all opt    in * out lo ::/0 -> ::/0
LOGDROPOUT all opt    in * out !lo ::/0 -> ::/0
LOGDROPIN all opt    in !lo out * ::/0 -> ::/0
csf: FASTSTART loading DNS (IPv4)
csf: FASTSTART loading DNS (IPv6)
LOCALOUTPUT all opt -- in * out !lo 0.0.0.0/0 -> 0.0.0.0/0
LOCALINPUT all opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0
LOCALOUTPUT all opt    in * out !lo ::/0 -> ::/0
LOCALINPUT all opt    in !lo out * ::/0 -> ::/0
*WARNING* Binary location for [SENDMAIL] [/usr/sbin/sendmail] in /etc/csf/csf.conf is either incorrect, is not installed or is not executable
*WARNING* Missing or incorrect binary locations will break csf and lfd functionality

*WARNING* RESTRICT_SYSLOG is disabled. See SECURITY WARNING in /etc/csf/csf.conf.

wanSoft

Catatan di Dunia Teknologi Informasi

Friday, 10 December 2021

Install Firewall Server Debian Wordpres

0 comments:

Post a Comment

BOOKMARK

Categories

Search This Blog

Blog Archive

Popular Posts

Twitter-an

Contact Us