ConfigServer Security & Firewall (CSF) is a packet health monitoring tool (SPI), login or intrusion detection and security application for Linux servers. This is a very popular security package, but still
not officially supported on CentOS 7. CentOS 7 uses firewalld, but dodn’t use iptables. A google search will give you a picture that many faithful CentOS users find firewalld too complicated for their needs and fall back on iptables.
Iptables was the default firewall for CentOS 5 and 6. This tutorial is focused on showing you how to disable firewalld, install IP tables, CSF and CSF dependencies.

Install CSF

First you need to install CSF and disable and stop firewalld. This can be done using the following command:

systemctl disable firewalld
systemctl stop firewalld

Next, you need to install Iptables. This can be done using the following command:

yum -y install iptables-services

Then you need to create files needed by iptables

  touch /etc/sysconfig/iptables
  touch /etc/sysconfig/iptables6

Next, you need to run iptables

systemctl start iptables
systemctl start ip6tables

Then you need to enable iptables at boot

systemctl enable iptables
systemctl enable ip6tables

Install CSF dependencies

yum -y install wget perl unzip net-tools perl-libwww-perl perl-LWP-Protocol-https perl-GDGraph -y

Download and run the CSF installer.

cd /opt
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Delete the following installation files

rm -rf /opt/csf
rm /opt/csf.tgz

Done. All steps have been successfully completed.