How TO install APF Firewall
“Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom of the configuration file.”
(http://rfxnetworks.com/apf.php)
How To install APF firewall
Login to your server as root, then:
# cd /usr/srcwget http://rfxnetworks.com/downloads/apf-current.tar.gz
# tar -xvzf apf-current.tar.gz
# rm -f apf-current.tar.gz
# cd apf-*
# ./install.shcd /etc/apf
Port configuration:
Ports 2082 to port 2095 is mostly used by cpanel, and port 19638 is only use in ensim.
Edit conf.apf
# nano conf.apf
Common ingress (inbound) TCP IG_TCP_CPORTS=”20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,10000,35000_35999″
Common ingress (inbound) UDP
IG_UDP_CPORTS=”20,21,53,1040″
Exit and save and then restart apf:
# service apf start
If APF is functioning fine, edit the conf.apf
# nano conf.apfSet the DEVM parameter to 0DEVM=”0″
Now you can Restart APF, and is done:
# service apf restart
source : http://sysadmingear.blogspot.com/2007/10/how-to-install-apf-firewall.html
