How to block IPs with Brute Force Monitor in DirectAdmin using CSF

On this page: I need a firewall. What are my options?
The following guide is mentioned: How to block IPs with Brute Force Monitor in DirectAdmin using CSF

There is an automated install script in there, but that skips 2 of the optional steps in the manual guide. I am running CentOS7 and just would like to know the reasoning behind it.

1. Seems that "Disable iptables (optional)" is not done in the script.. Why?
2. Why would i want to disable firewalld?

Hello,

You don't need to manage raw iptables or firewalld if you want to run CSF/LFD. The acronym CSF means "ConfigServer Firewall & Security".

On CentOS 7 it's expected to have firewalld enabled by default, not raw iptables.