This article will show you how to back up and restore the configuration of csf/lfd. The task is rather simple, since all one needs to do is copy the configuration files from the /etc/csf folder to the archive location, or vice versa. The files are all located in the /etc/csf folder, as already mentioned, and they are the following (taken from the csf README):

  • csf.conf    – the main configuration file, it has helpful comments explaining what each option does
  • csf.allow    – a list of IP’s and CIDR addresses that should always be allowed through the firewall
  • csf.deny    – a list of IP’s and CIDR addresses that should never be allowed through the firewall
  • csf.ignore    – a list of IP’s and CIDR addresses that lfd should ignore and not not block if detected
  • csf.*ignore    – various ignore files that list files, users, IP’s that lfd should ignore. See each file for their specific purpose

The csf.*ignore files are the following:

  • csf.fignore
  • csf.mignore
  • csf.pignore
  • csf.rignore
  • csf.signore
  • csf.suignore

Thus, it is easy to tar and gzip them all in one go:

tar cvfz csfbackup.tgz csf.conf csf.allow csf.deny csf.*ignore

All you need to do then is transfer the gzipped tar to your archive place or to another server, to duplicate the csf/lfd configuration on it. Do not forget to restart csf and lfd if you restore the configuration somewhere, for the changes to take effect.