How to install APF (Advanced Policy Firewall)
Description of the software: APF is a policy-based firewall system built on iptables and designed for ease of use and configuration. APF provides a set of features to satisfy the veteran Linux user and the novice alike. It is packaged in tar.gz and RPM formats, which makes APF ideal for deployment in many Linux-based server environments.
Follow these steps to install APF:
1) First, log in to your server via SSH as root.
2) Make /usr/src the current working directory. Type: cd /usr/src
3) Get the most current version of APF. Type: wget http://rfxnetworks.com/downloads/apf-current.tar.gz
4) Now expand the APF tar.gz file by typing: tar -xvzf apf-current.tar.gz
5) Remove the tar.gz file by typing: rm -f apf-current.tar.gz
6) Locate the APF directory by typing: ls -la
Look for a directory named apf-#.#/ where #.# represents the version of APF being installed (APF version 0.8.7 would be in a directory named apf-0.8.7/ and version 0.9 would be in a directory named apf-0.9/).
7) Make the APF directory the current working directory. Use the directory name you located in step 6.
Note: The numbers will change as new versions are released. Type: cd apf-0.9
8) Run the APF installation by typing: sh ./install.sh
9) Make /etc/apf the current working directory by typing: cd /etc/apf
10) Now edit the conf.apf file as desired by typing: pico -w conf.apf
For this firewall to work properly, you need to edit/add/delete ports. These ports allow traffic for services such as mail, FTP, and SSH to come in and out of the server. If you have changed any ports, please modify them below and add/remove as needed.
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,10000,35000_35999"
Please note that ports 2082 to 2095 are mostly used by cPanel, and port 19638 is only used in Ensim.
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="20,21,53,1040"
11) After you have finished editing the ports, save the file and test APF. Press CTRL-X, then Y to save and Enter to confirm.
12) Start APF. Type: ./apf --start or type: service apf start
13) If APF is functioning properly and you are not locked out, edit conf.apf again. Type: pico -w conf.apf
14) Set the DEVM parameter to 0:
DEVM="0"
15) Once done, save the file and exit. Press CTRL-X, then Y to save and Enter to confirm.
16) Restart APF by typing: service apf restart
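A pre-flight check to run before starting APF, added here as an example and not part of the original guide or of APF itself: it confirms that the TCP port your SSH session uses is covered by IG_TCP_CPORTS in conf.apf, so that starting the firewall does not lock you out. The function names are hypothetical; it assumes each setting sits on one line as VAR="value" and that low_high in a port list means an inclusive range, as in the 35000_35999 entry above.

```shell
#!/bin/sh
# Added example (hypothetical helper names): check conf.apf before starting APF.

# Print the quoted value of VAR from a conf.apf-style file (last assignment
# wins), with any whitespace inside the value removed.
conf_value() {  # usage: conf_value FILE VAR
    sed -n 's/^[[:space:]]*'"$2"'="\([^"]*\)".*/\1/p' "$1" |
        tail -n 1 | tr -d '[:space:]'
}

# Succeed if PORT is covered by a comma-separated port list in which
# low_high is an inclusive range (assumed from the page's 35000_35999 entry).
port_in_list() {  # usage: port_in_list PORT LIST
    port=$1
    old_ifs=$IFS; IFS=,
    set -- $2                       # split LIST on commas
    IFS=$old_ifs
    for entry in "$@"; do
        case $entry in
            ''|*[!0-9_]*) continue ;;   # skip empty or malformed entries
            *_*) low=${entry%%_*}; high=${entry##*_}
                 if [ -n "$low" ] && [ -n "$high" ] &&
                    [ "$port" -ge "$low" ] && [ "$port" -le "$high" ]; then
                     return 0
                 fi ;;
            *)   if [ "$port" -eq "$entry" ]; then return 0; fi ;;
        esac
    done
    return 1
}

# Return 0 if SSH_PORT is allowed inbound by IG_TCP_CPORTS, 1 otherwise.
apf_preflight() {  # usage: apf_preflight FILE SSH_PORT
    tcp_ports=$(conf_value "$1" IG_TCP_CPORTS)
    if ! port_in_list "$2" "$tcp_ports"; then
        echo "FAIL: TCP $2 not in IG_TCP_CPORTS; starting APF may lock you out"
        return 1
    fi
    echo "OK: TCP $2 is allowed inbound; DEVM=$(conf_value "$1" DEVM)"
}

# Constructed sample config, not taken from a real server.
sample=$(mktemp)
printf '%s\n' 'IG_TCP_CPORTS="20,21,22,25,53,80,443,35000_35999"' \
    'DEVM="1"' > "$sample"
apf_preflight "$sample" 22
apf_preflight "$sample" 2222 || true   # sshd moved to 2222 but list not updated
rm -f "$sample"
```

On a server, call apf_preflight with /etc/apf/conf.apf and the port your sshd actually listens on.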
Next, enable connections for server monitoring. Some service providers that offer monitoring need access to your server, and giving them access without setting off alarms, firewalls, etc. is a good thing. Keep a note of which IP(s) you put in here.
1) To allow connections from xx.xx.xx.xx/24, type: pico -w /etc/apf/allow_hosts.rules
2) At the very end of the file, add this line: xx.xx.xx.xx/24
Of course, replace xx.xx.xx.xx with the IP address provided to you.



















