Allow Incoming Mysql Connection for Single ip in CSF

In CSF firewall sometimes we only want to allow an IP through on a certain port like MySQL port 3306 without fully whitelisting them.

Please follow below steps to allow outgoing mysql on CSF.

Step 1 

vi /etc/csf/csf.conf
add port 3306 on outgoing

Allow outgoing TCP ports
TCP_OUT = “20,21,22,25,37,43,53,80,110,113,443,995,3306″

Step 2

How to allow outgoig mysql only one ip

vi /etc/csf/csf.allow
add line like:


Also we can use the command below

csf -a “tcp|in|d=3306|s=<IP address>”

We need to provide the IP address at <IP address>

:: Restarting csf

/etc/init.d/csf restart