mrqaidi/csf-installer.sh

## csf-installer.sh
#! /bin/bash
# Coded By Ayman Qaidi mrqaidi@gmail.com
# run chmod 755 csf-installer.sh and then ./csf-installer.sh
install_csf(){
	read -p "Install and configure CSF? (y/n) " CSF
		if [ "$CSF" = "y" ] || [ "$CSF" = "s" ]; then
			wget https://download.configserver.com/csf.tgz 2> /dev/null

			# Checks if you've downloaded the package correctly
			[ "$?" != 0 ] && echo -e "Download problem." && return 1

			#       Extract the package
			tar -xzf csf.tgz

			#       Run the official installation script
			cd csf ; sh install.sh

			#       Testing iptables modules
			perl /etc/csf/csftest.pl

			#       Disable test mode
			sed -i 's/^TESTING .*/TESTING = "0"/' /etc/csf/csf.conf

			#      Define incoming ports that will be accepted (TCP)
			sed -i 's/^TCP_IN .*/TCP_IN = "25,80,443,465,587,993,995,2297,9200,9300,10050,10051,2082,2083,2087"/' /etc/csf/csf.conf

			#      Define output ports to be accepted (TCP)
			sed -i 's/^TCP_OUT .*/TCP_OUT = "21,22,25,80,443,465,587,993,995,2297,9200,9300,10050,10051"/' /etc/csf/csf.conf

			#       Set incoming ports to be accepted (UDP)
			sed -i 's/^UDP_IN .*/UDP_IN = "53"/' /etc/csf/csf.conf

			#       Set output ports to be accepted (UDP)
			sed -i 's/^UDP_OUT .*/UDP_OUT = "53"/' /etc/csf/csf.conf

			#       Protect against SYN Flood attacks
			sed -i 's/^SYNFLOOD .*/SYNFLOOD = "1"/' /etc/csf/csf.conf

			#       Enable monitoring when there are more than 100 connections per second
			sed -i 's/^SYNFLOOD_RATE .*/SYNFLOOD_RATE = "100\/s"/' /etc/csf/csf.conf

			#       Block IP when it reaches more than 150 connections per second
			sed -i 's/^SYNFLOOD_BURST .*/SYNFLOOD_BURST = "150"/' /etc/csf/csf.conf

			#      Clear accepted IPs, if available
			sed -n -i '/^#/p' /etc/csf/csf.allow


			#       Enable to upgrade with csf -u
			sed -i 's/^URLGET .*/URLGET = "1"/' /etc/csf/csf.conf

			#       Reload to have the changes take effect
			csf -r

			#       Show current version
			csf -v

			#       Final message
			echo -e "Installation completed."
		fi
}

install_csf
	#! /bin/bash
	# Coded By Ayman Qaidi mrqaidi@gmail.com
	# run chmod 755 csf-installer.sh and then ./csf-installer.sh
	install_csf(){
	read -p "Install and configure CSF? (y/n) " CSF
	if [ "$CSF" = "y" ] \|\| [ "$CSF" = "s" ]; then
	wget https://download.configserver.com/csf.tgz 2> /dev/null

	# Checks if you've downloaded the package correctly
	[ "$?" != 0 ] && echo -e "Download problem." && return 1

	# Extract the package
	tar -xzf csf.tgz

	# Run the official installation script
	cd csf ; sh install.sh

	# Testing iptables modules
	perl /etc/csf/csftest.pl

	# Disable test mode
	sed -i 's/^TESTING .*/TESTING = "0"/' /etc/csf/csf.conf

	# Define incoming ports that will be accepted (TCP)
	sed -i 's/^TCP_IN .*/TCP_IN = "25,80,443,465,587,993,995,2297,9200,9300,10050,10051,2082,2083,2087"/' /etc/csf/csf.conf

	# Define output ports to be accepted (TCP)
	sed -i 's/^TCP_OUT .*/TCP_OUT = "21,22,25,80,443,465,587,993,995,2297,9200,9300,10050,10051"/' /etc/csf/csf.conf

	# Set incoming ports to be accepted (UDP)
	sed -i 's/^UDP_IN .*/UDP_IN = "53"/' /etc/csf/csf.conf

	# Set output ports to be accepted (UDP)
	sed -i 's/^UDP_OUT .*/UDP_OUT = "53"/' /etc/csf/csf.conf

	# Protect against SYN Flood attacks
	sed -i 's/^SYNFLOOD .*/SYNFLOOD = "1"/' /etc/csf/csf.conf

	# Enable monitoring when there are more than 100 connections per second
	sed -i 's/^SYNFLOOD_RATE .*/SYNFLOOD_RATE = "100\/s"/' /etc/csf/csf.conf

	# Block IP when it reaches more than 150 connections per second
	sed -i 's/^SYNFLOOD_BURST .*/SYNFLOOD_BURST = "150"/' /etc/csf/csf.conf

	# Clear accepted IPs, if available
	sed -n -i '/^#/p' /etc/csf/csf.allow


	# Enable to upgrade with csf -u
	sed -i 's/^URLGET .*/URLGET = "1"/' /etc/csf/csf.conf

	# Reload to have the changes take effect
	csf -r

	# Show current version
	csf -v

	# Final message
	echo -e "Installation completed."
	fi
	}

	install_csf