csf options

[root@server ~]# csf -h
csf: v5.03 (cPanel)

ConfigServer Security & Firewall
(c)2006-2010, Way to the Web Limited (http://www.configserver.com)

Usage: /usr/sbin/csf [option] [value]

Option                Meaning
-h, --help            Show this message
-l, --status           List/Show iptables configuration
-s, --start            Start firewall rules
-f, --stop             Flush/Stop firewall rules (Note: lfd may restart csf)
-r, --restart          Restart firewall rules
-q, --startq          Quick restart (csf restarted by lfd)
-sf, --startf           Force CLI restart regardless of LF_QUICKSTART setting
-a, --add ip          Allow an IP and add to /etc/csf.allow
-ar, --addrm ip     Remove an IP from /etc/csf.allow and delete rule
-d, --deny ip         Deny an IP and add to /etc/csf.deny
-dr, --denyrm ip    Unblock an IP and remove from /etc/csf.deny
-df, --denyf           Remove and unblock all entries in /etc/csf.deny
-g, --grep ip          Search the iptables rules for an IP match (incl. CIDR)
-t, --temp              Displays the current list of temp IP entries and their TTL
-tr, --temprm ip     Remove an IPs from the temp IP ban and allow list
-td, --tempdeny ip ttl [-p port] [-d direction]
                            Add an IP to the temp IP ban list. ttl is how long to
                            blocks for (default:seconds, can use one suffix of h/m/d).
                           Optional port. Optional direction of block can be one of:
                            in, out or inout (default:in)
-ta, --tempallow ip ttl [-p port] [-d direction]
                    Add an IP to the temp IP allow list (default:inout)
-tf, --tempf        Flush all IPs from the temp IP entries
-cp, --cping        PING all members in an lfd Cluster
-cd, --cdeny ip     Deny an IP in a Cluster and add to /etc/csf.deny
-ca, --callow ip    Allow an IP in a Cluster and add to /etc/csf.allow
-cr, --crm ip       Unblock an IP in a Cluster and remove from /etc/csf.deny
-cc, --cconfig [name] [value]
                    Change configuration option [name] to [value] in a Cluster
-ccr, --cconfigr [name] [value]
                    Change configuration option [name] to [value] in a Cluster
                    and then restart csf and lfd
-w, --watch ip      Log SYN packets for an IP across iptables chains
-m, --mail [addr]   Display Server Check in HTML or email to [addr] if present
-c, --check         Check for updates to csf but do not upgrade
-u, --update        Check for updates to csf and upgrade if available
-uf                 Force an update of csf
-x, --disable       Disable csf and lfd
-e, --enable        Enable csf and lfd if previously disabled
-v, --version       Show csf version
[root@server ~]#