Old 12-04-06, 10:18
BOD Member
 
Installing APF on Linux server

What is APF (Advanced Policy Firewall)?

APF is a policy-based iptables firewall system designed for ease of use and configuration. It employs a subset of features to satisfy the veteran Linux user and the novice alike. Packaged in tar.gz and RPM formats, APF is ideal for deployment in many server environments based on Linux.

You can install APF on the Linux server using the following steps:

1) Login to your box as root
2) Download the APF Source (current version 0.9.3.3)

CODE
# wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz


3) Extract the tar.gz

CODE
# tar -zxf apf-current.tar.gz


4) Enter the APF directory

CODE
# cd apf-0.9.3_3


5) Run install code

CODE
# ./install.sh


6) Modify the APF config File

CODE
# vi /etc/apf/conf.apf


Hit i to enter insert mode
7) Add in the ports you want to open for inbound (INGRESS). The following is for a cPanel box

CODE

# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="20,21,22,25,26,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,6666"

# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="21,53,465,873"

# Common ICMP (inbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
IG_ICMP_TYPES="3,5,11,0,30,8"



Please note that the above variables are already there; I placed what should be in there.

8) Tell APF to monitor outgoing (EGRESS) also

CODE

Change the line:
EGF="0"
to
EGF="1"




9) Tell APF what ports to monitor

CODE

# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,22,25,26,37,43,53,80,110,113,443,465,873,2089,3306"

# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53,465,873"

# Common ICMP (outbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
EG_ICMP_TYPES="all"

10) Save and exit - hit 'esc' :wq 'enter'

11) Start APF

CODE
# /usr/local/sbin/apf -s


You may or may not get output; if you do, please reply and I can advise as to what to fix. If all goes well you go back to the command line.
You now want to verify everything works: you can still get into SSH, cPanel works, you can view a page, etc.

12) If all works edit the config file and change the developer mode to 0

CODE
# vi /etc/apf/conf.apf


Hit i to enter insert mode

CODE
Change
DEVM="1"
to
DEVM="0"



Save and quit
Hit 'esc' :wq 'enter'

13) Restart APF


CODE
# /usr/local/sbin/apf -r

APF is now installed and monitoring your server.
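
A pre-flight check for the values set in steps 7 to 12, added here as an example and not part of the original post or of APF itself. It flags port lists that picked up a line wrap or a stray space, and EGF or DEVM left in the wrong state; the function names and sample config are constructed, and the lo_hi range form is an assumption.

```shell
#!/bin/sh
# Lint the settings from steps 7-12 in conf.apf. The file is parsed as text,
# never sourced, so nothing inside it is executed.
# valid_ports LIST: succeed if LIST is comma-separated ports in 1-65535.
# lo_hi ranges are accepted too (APF range form; assumption, not in the post).
# Function bodies are subshells, so "exit" only leaves the function.
valid_ports() (
    case "$1" in ''|*[!0-9,_]*|,*|*,|*,,*) exit 1 ;; esac
    IFS=','
    for item in $1; do
        lo=${item%%_*}; hi=${item#*_}   # both equal item when there is no "_"
        case "$hi" in *_*) exit 1 ;; esac
        for p in "$lo" "$hi"; do
            [ -n "$p" ] && [ "${#p}" -le 5 ] && [ "$p" -ge 1 ] &&
                [ "$p" -le 65535 ] || exit 1
        done
        [ "$lo" -le "$hi" ] || exit 1
    done
)

# check_apf_conf FILE: print one finding per line, return 1 if there are any.
check_apf_conf() (
    conf=$1; bad=0
    for var in IG_TCP_CPORTS IG_UDP_CPORTS EG_TCP_CPORTS EG_UDP_CPORTS; do
        # A value wrapped onto a second line has no closing quote on this line.
        line=$(sed -n "s/^$var=//p" "$conf" | tail -n 1)
        val=${line#\"}; val=${val%\"}
        if [ "$line" != "\"$val\"" ] || ! valid_ports "$val"; then
            echo "$var: missing or malformed port list: $line"; bad=1
        fi
    done
    grep -q '^EGF="1"$' "$conf" || { echo "EGF: egress filtering is not on (step 8)"; bad=1; }
    grep -q '^DEVM="0"$' "$conf" || { echo "DEVM: developer mode is not off (step 12)"; bad=1; }
    exit "$bad"
)

# Constructed sample: a wrapped TCP list, a stray space, and DEVM left at 1.
sample=$(mktemp)
cat > "$sample" <<'EOF'
IG_TCP_CPORTS=" 20,21,22,25,80,443,2082,
2083,2086,2087"
IG_UDP_CPORTS="21,53,465,873"
EGF="1"
EG_TCP_CPORTS="21,22,25,443 ,465,873"
EG_UDP_CPORTS="20,21,53,465,873"
DEVM="1"
EOF
check_apf_conf "$sample" || echo "fix the findings above before running apf -s"
```

On a real server, call `check_apf_conf /etc/apf/conf.apf` after step 12 and before the restart in step 13.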