root@xxxxxxxx (Web App server)'s password:
Last login: Fri Aug 26 08:48:52 2011 from 112.254.11.46
CSF is running on this machine
Do NOT flush the firewall

首先确定机器安装了csf

[root@host csf]# vi /etc/csf/csf.conf

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,26,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,26,37,43,53,80,110,113,443,465,873,2087,2089,2703"

# Allow incoming UDP ports
UDP_IN = "20,21,53,465,6277,24441"
# Allow outgoing UDP ports
UDP_OUT = "20,21,53,113,123,465,873,6277,24441,33434:33523"

在每行的最后添加你想要打开的端口号。

下面的例子,是打开
incoming TCP ports 12345 command  
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,26,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,12345"

添加完成后,保存文件并重启防火墙

service csf restart

===================================

Open port  (打开4040)

netstat -lnp | grep :4040

iptables -L -n | grep 4040