APF / Advanced Policy Firewall
How to install APF (Advanced Policy Firewall).
APF is a policy-based iptables firewall system designed for ease of use and configuration.
Let’s begin!
Log in over SSH and type:
—————————————————————-
cd /root/downloads
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -xvzf apf-current.tar.gz
cd apf-0.9.5-1   # or whatever the latest version is
./install.sh
—————————————————————-
——————————————————–
Installing APF 0.9.5-1: Completed.
Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf
AntiDos install path: /etc/apf/ad/
AntiDos config path: /etc/apf/ad/conf.antidos
DShield Client Parser: /etc/apf/extras/dshield/
———————————————————
Now we need to configure our new firewall.
The file to edit is conf.apf.
It is located here: /etc/apf/conf.apf
—————————————————————————————-
Common ingress (inbound) ports
# Common ingress (inbound) TCP ports; 3000_3500 = passive port range for Pure-FTPd
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,2096,3000_3500"
#
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"
Common egress (outbound) ports
# Egress filtering [0 = Disabled / 1 = Enabled]
EGF="1"
# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,80,443,43,2089"
#
# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53"
—————————————————————————————–
Then, in the same file (conf.apf):
———————-
FIND: DEVM="1"
CHANGE TO: DEVM="0"
———————-
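A check worth running on the port lists before `apf -s`, as an added example that is not part of APF or of the original guide: it flags entries that would not parse (stray spaces, pasted typographic quotes, reversed ranges) and confirms the SSH port is still in the ingress list. It assumes the list syntax shown above (comma-separated ports, `lo_hi` ranges); the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not part of APF): lint conf.apf port lists before `apf -s`.
# Assumes the syntax shown above: comma-separated ports, lo_hi for ranges.

# valid_port N: true if N is a decimal integer in 1..65535
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# lint_ports LIST: print every malformed entry; status 1 if any was found
lint_ports() (
    set -f; IFS=,; rc=0          # subshell body keeps IFS/noglob local
    for entry in $1; do
        lo=${entry%%_*}; hi=${entry#*_}   # both equal entry when no "_"
        if valid_port "$lo" && valid_port "$hi" && [ "$lo" -le "$hi" ]; then
            continue
        fi
        printf 'malformed entry: [%s]\n' "$entry"
        rc=1
    done
    exit "$rc"
)

# port_allowed LIST PORT: true if PORT is listed or falls inside a range
port_allowed() (
    set -f; IFS=,
    for entry in $1; do
        lo=${entry%%_*}; hi=${entry#*_}
        valid_port "$lo" && valid_port "$hi" || continue
        [ "$2" -ge "$lo" ] && [ "$2" -le "$hi" ] && exit 0
    done
    exit 1
)

# conf_value FILE VAR: value of VAR="..." in FILE (last assignment wins)
conf_value() {
    sed -n "s/^$2=\"\\(.*\\)\"[[:space:]]*\$/\\1/p" "$1" | tail -n 1
}

# Constructed sample values (not read from a real server)
good='21,22,25,53,80,443,3000_3500'
pasted='21,22, 2086,3500_3000'      # stray space and a reversed range

lint_ports "$good" && echo "good list: OK"
lint_ports "$pasted" || echo "pasted list: fix before starting APF"
port_allowed "$good" 22 || echo "WARNING: SSH port 22 not in ingress list"
```

On a server, feed it the real value with `lint_ports "$(conf_value /etc/apf/conf.apf IG_TCP_CPORTS)"`; an empty result from `conf_value` means the assignment is not wrapped in plain double quotes.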
Now start APF. In your SSH session, type:
———–
apf -s
———–
Some other apf commands:
—————————
apf -s     - start apf
apf -r     - restart apf
apf -f     - flush firewall
apf -st    - firewall status
apf -d IP  - ban IP
apf -u IP  - unban IP
—————————
Source:
http://packetstormsecurity.org/papers/general/server_security.txt
