How to Install Sentinel Firewall (CSF) on AlmaLinux 9

Sentinel Firewall (CSF + LFD) is a powerful and lightweight firewall management tool designed for Linux servers. It adds an advanced layer of protection with login failure detection, port scanning defense, and IP blocking.

Switch to root (or use sudo)

sudo -s

Update your system

dnf update -y

Install prerequisites

dnf install -y wget tar perl

Download the Sentinel (CSF) package

cd /root
wget https://github.com/sentinelfirewall/sentinel/raw/refs/heads/main/csf.tgz

Extract the package

tar -xzf csf.tgz

Enter the extracted directory

cd csf

Run the installation script

sh install.sh

Post-Installation Configuration

After installation, follow these configuration steps to set up and enable Sentinel (CSF).

Edit the main configuration file

vi /etc/csf/csf.conf

Important parameters to configure

| Setting | Description | Recommended |
|---|---|---|
| TESTING = "1" | CSF testing mode. Change to "0" to enable. | 0 |
| TCP_IN | Allowed inbound TCP ports. | 22,80,443,25,110,143,465,587,993,995 |
| TCP_OUT | Allowed outbound TCP ports. | 20,21,22,25,53,80,443,587,993,995 |
| UDP_IN / UDP_OUT | Allowed UDP ports (DNS, NTP, etc.). | 53,123 |
| ICMP_IN | Allow ping. | Optional |
| RESTRICT_SYSLOG | Restrict log access. | Default |
| LF_TRIGGER / LF_SSHD | Brute force thresholds. | Default |

Save and exit (in vi: Esc, then :wq and Enter; Ctrl + O, Ctrl + X if you edit with nano).

Whitelist or Block Specific IPs

Whitelist your IP to avoid being locked out:

echo "203.0.113.5" >> /etc/csf/csf.allow

Block a known malicious IP:

echo "192.0.2.10" >> /etc/csf/csf.deny
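
The settings and allow-list step above can be checked before the firewall is started. The script below is an added example, not part of this guide's original commands or of CSF itself: it parses KEY = "value" lines from csf.conf, compares TCP_IN with the recommended list, and confirms your address is in csf.allow. The function names (conf_get, in_list, csf_audit) and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not part of CSF): pre-flight audit of csf.conf and csf.allow.
# Function names and the sample files below are constructed for illustration.

# Ports recommended for TCP_IN in the settings table.
RECOMMENDED_TCP_IN="22,80,443,25,110,143,465,587,993,995"

# conf_get FILE KEY: print the value from a line of the form KEY = "value".
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# in_list ITEM CSV: succeed if ITEM is one of the comma-separated entries.
in_list() {
    case ",$2," in *",$1,"*) return 0 ;; *) return 1 ;; esac
}

# csf_audit CONF ALLOW ADMIN_IP SSH_PORT: print one finding per line and
# return non-zero if any were found. The ( ) body keeps variables local.
csf_audit() (
    conf=$1 allow=$2 admin_ip=$3 ssh_port=$4 findings=0
    tcp_in=$(conf_get "$conf" TCP_IN)
    if [ "$(conf_get "$conf" TESTING)" != "0" ]; then
        echo "TESTING is not 0: CSF is still in testing mode"
        findings=$((findings + 1))
    fi
    if ! in_list "$ssh_port" "$tcp_in"; then
        echo "SSH port $ssh_port is missing from TCP_IN"
        findings=$((findings + 1))
    fi
    for port in $(echo "$tcp_in" | tr ',' ' '); do
        in_list "$port" "$RECOMMENDED_TCP_IN" && continue
        echo "TCP_IN opens $port, which is not in the recommended list"
        findings=$((findings + 1))
    done
    # csf.allow holds one entry per line; '#' starts a comment.
    if ! sed 's/#.*//' "$allow" | awk '{print $1}' | grep -Fxq "$admin_ip"; then
        echo "$admin_ip is not listed in csf.allow"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
)

# Constructed sample files standing in for /etc/csf/csf.conf and csf.allow.
demo=$(mktemp -d)
printf '%s\n' 'TESTING = "1"' 'TCP_IN = "22,80,443,3306"' > "$demo/csf.conf"
printf '%s\n' '# constructed allow list' '198.51.100.7 # office' > "$demo/csf.allow"
csf_audit "$demo/csf.conf" "$demo/csf.allow" 203.0.113.5 22 || true
```

On a server, pass /etc/csf/csf.conf, /etc/csf/csf.allow, your own address and your SSH port in place of the sample files.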

Enable and Start the Firewall Services

systemctl enable csf
systemctl start csf
systemctl status csf

Then, enable and start lfd (Login Failure Daemon):

systemctl enable lfd
systemctl start lfd
systemctl status lfd

Disable Firewalld (to avoid conflicts)

systemctl stop firewalld
systemctl disable firewalld
systemctl status firewalld

Handle SELinux (if enforcing)

Check SELinux status:

sestatus

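If SELinux is enabled and enforcing, build a local policy module from the logged AVC denials. audit2allow -a reads every denial in the audit log, not only those caused by CSF, so review the generated csf_custom.te before loading the module: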

dnf install -y policycoreutils-python-utils
ausearch -m avc -ts recent
audit2allow -a -M csf_custom
semodule -i csf_custom.pp

Test Configuration and Reboot

Reboot the system:

reboot

After reboot, verify CSF:

csf -v
csf -l

Optional Commands

Whitelist your IP if blocked:

csf -a <your_ip>

View logs:

tail -f /var/log/lfd.log
tail -f /var/log/messages

Sentinel Firewall (CSF) is now installed and configured successfully on AlmaLinux 9.

