Monday, 8 April 2013

CSF - Limit FTP Access to Specific IPs Only on Server

If you are running CSF on your server and want to allow FTP access from certain IP addresses only, do the following:

1. Remove the FTP ports (20,21) from the list of allowed incoming TCP ports (TCP_IN)
2. Add the IP addresses you want to allow FTP connections from to csf.allow
3. Restart CSF

Here is a quick CentOS script:


# Keep a dated backup of the current configuration
cp -p /etc/csf/csf.conf /etc/csf/csf.conf-`date +%d-%b-%Y`
# Remove "20,21," from the TCP_IN port list
perl -pi -e 's/(\s*TCP_IN\s*=\s*.*?)("|,)20,21,(.*)/${1}${2}${3}/' /etc/csf/csf.conf
# Allow the trusted address (replace the placeholder with the real IP)
echo "198.xxx.xxx.xxx # Allow FTP access from this address" >> /etc/csf/csf.allow
service csf restart
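
A more defensive variant of the script above, as an added example that is not part of the original post: it removes 20 and 21 wherever they appear in TCP_IN, keeps one dated backup, and adds the csf.allow entry only once. The function names and the 203.0.113.10 address are assumptions chosen for illustration, and the demo runs on constructed files in a temporary directory.

```shell
#!/bin/sh
# Added example. Paths are arguments, so it can be tried on copies first.

# Print the current TCP_IN port list of a csf.conf-style file.
tcp_in_ports() {
    sed -n 's/^[[:space:]]*TCP_IN[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# Remove ports 20 and 21 from TCP_IN wherever they sit in the list.
# Ranges such as 30000:35000 and all other settings are left untouched.
strip_ftp_ports() {
    conf=$1
    bak="$conf-$(date +%d-%b-%Y)"
    [ -e "$bak" ] || cp -p "$conf" "$bak" || return 1   # keep the first backup of the day
    awk '
        /^[ \t]*TCP_IN[ \t]*=/ && match($0, /"[^"]*"/) {
            n = split(substr($0, RSTART + 1, RLENGTH - 2), p, ",")
            out = ""
            for (i = 1; i <= n; i++)
                if (p[i] != "20" && p[i] != "21")
                    out = out (out == "" ? "" : ",") p[i]
            $0 = substr($0, 1, RSTART) out substr($0, RSTART + RLENGTH - 1)
        }
        { print }
    ' "$conf" > "$conf.tmp" && cat "$conf.tmp" > "$conf" && rm -f "$conf.tmp"
}

# Append an allow entry only if the IP is not already listed (safe to re-run).
# Note: a bare IP in csf.allow is allowed on all ports, not only 20 and 21.
allow_ftp_ip() {
    awk -v ip="$2" '$1 == ip { found = 1 } END { exit !found }' "$1" 2>/dev/null ||
        echo "$2 # Allow FTP access from this address" >> "$1"
}

# Constructed sample files, not a real server configuration.
demo() {
    d=$(mktemp -d) || return 1
    printf 'TCP_IN = "20,21,22,25,53,80"\nTCP_OUT = "20,21,22,25"\n' > "$d/csf.conf"
    strip_ftp_ports "$d/csf.conf" && allow_ftp_ip "$d/csf.allow" 203.0.113.10
    tcp_in_ports "$d/csf.conf"; cat "$d/csf.allow"
    rm -rf "$d"
}
demo
```

On a real server the functions would be pointed at /etc/csf/csf.conf and /etc/csf/csf.allow, followed by the CSF restart from step 3.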
