Switching between Configserver CSF and firewalld
I've been testing a process for switching back and forth between CSF and firewalld, either direction. Before doing this in production I wanted to float it here for comments by users and cPanel.
Here is what I think works:
Installing CSF flushes and masks firewalld but does not remove any firewalld files, and uninstalling it removes /etc/csf (all settings) but leaves the installer directory (/usr/src/csf/).
Firewalld can be backed up by making a copy of /etc/firewalld/ but it's not needed to switch back to it. You just unmask, enable, start, and it's back where it was. (It should NOT be re-enabled without removing CSF first.)
CSF can be backed up by making a copy /etc/csf/ which can be dropped in place after a reinstall and it will be back where it was.
I know the firewalld backup is safe to drop back in place (if needed). I *think* the same is true for the CSF backup, though not all files are needed, the extras don't do any harm.
Am I missing anything?
-Pete
Please sign in to leave a comment.
Comments
0 comments