Installing APF Firewall - Webmaster Forums UK SEO SEM Webmaster Community Forum

stealthhosts · #1 (**permalink**) 08-06-2005, 10:55 PM

----------------------------------------
This article is provided free by
Stealth IT Solutions Limited
It is free for non-distribution only.
Due to the nature of this data it may
not be edited, no data may be removed
including this text.
With thanks to admin0
myshashi2010@yahoo.com
No responsibility is accepted or implied
Proceed at your own risk
------http://www.stealthhosts.com-------

APF Firewall

In SSH:

Code:

cd /usr/local/
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -xvzf apf-current.tar.gz
cd apf-0.9.3_3
./install.sh

you will see the following output:

Code:

.: APF installed
Install path: /etc/apf
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf

edit /etc/apf/conf.apf

Note: IG means incoming ports, EG means outgoing ports

I am not using EG(ports) now, perhaps after I am fully satisfied and get good feebdack, I will update this.

For CPanel, use:

Code:

DEVM="0"
FWPATH="/etc/apf"
IF="eth0"
MONOKERN="0"
TCP_STOP="DROP"
UDP_STOP="DROP"
DSTOP="DROP"
ICMP_LIM="60/m"
BLK_MCATNET="1"
BLK_PRVNET="1"
BLK_RESNET="1"
USE_DS="1"
USE_AD="1"
CDPORTS="135_139,111,161,199,513,445,1434,1234,1524"
IG_TCP_CPORTS="21,22,25,26,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,7786" IG_UDP_CPORTS="53"
IG_ICMP_TYPES="3,5,11,0,30,8"
EGF="0"
EG_TCP_CPORTS="21,25,80,443"
EG_UDP_CPORTS="20,21,53"
EG_ICMP_TYPES="all"
IPTLOG="/var/log/apf_log"
DROP_LOG="1"
LRATE="60"
CNFINT="$FWPATH/internals/internals.conf"
. $CNFINT

For Ensim, use:

Code:

DEVM="0"
FWPATH="/etc/apf"
IF="eth0"
MONOKERN="0"
TCP_STOP="DROP"
UDP_STOP="DROP"
DSTOP="DROP"
ICMP_LIM="60/m"
BLK_MCATNET="1"
BLK_PRVNET="1"
BLK_RESNET="1"
USE_DS="1"
USE_AD="1"
CDPORTS="135_139,111,161,199,513,445,1434,1234,1524"
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,19638" IG_UDP_CPORTS="53"
IG_ICMP_TYPES="3,5,11,0,30,8"
EGF="0"
EG_TCP_CPORTS="21,25,80,443"
EG_UDP_CPORTS="20,21,53"
EG_ICMP_TYPES="all"
IPTLOG="/var/log/apf_log"
DROP_LOG="1"
LRATE="60"
CNFINT="$FWPATH/internals/internals.conf"
. $CNFINT

For Plesk, use:

Code:

DEVM="0"
FWPATH="/etc/apf"
IF="eth0"
MONOKERN="0"
TCP_STOP="DROP"
UDP_STOP="DROP"
DSTOP="DROP"
ICMP_LIM="60/m"
BLK_MCATNET="1"
BLK_PRVNET="1"
BLK_RESNET="1"
USE_DS="1"
USE_AD="1"
CDPORTS="135_139,111,161,199,513,445,1434,1234,1524"
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,8443"
IG_UDP_CPORTS="53"
IG_ICMP_TYPES="3,5,11,0,30,8"
EGF="0"
EG_TCP_CPORTS="21,25,80,443"
EG_UDP_CPORTS="20,21,53"
EG_ICMP_TYPES="all"
IPTLOG="/var/log/apf_log"
DROP_LOG="1"
LRATE="60"
CNFINT="$FWPATH/internals/internals.conf"
. $CNFINT

Backup/Secure Server {backup done via rsync using SSH}
I am using EG port here, so that packets going outside are also filtered.

Code:

DEVM="0"
FWPATH="/etc/apf"
IF="eth0"
MONOKERN="0"
TCP_STOP="DROP"
UDP_STOP="DROP"
DSTOP="DROP"
ICMP_LIM="60/m"
BLK_MCATNET="0"
BLK_PRVNET="0"
BLK_RESNET="0"
USE_DS="0"
USE_AD="0"
CDPORTS="135_139,111,161,199,513,445,1434,1234,1524"
IG_TCP_CPORTS="22"
IG_UDP_CPORTS=""
IG_ICMP_TYPES="3,5,11,0,30,8"
EGF="1"
EG_TCP_CPORTS="21,,22,25,80,443,"
EG_UDP_CPORTS="20,21,53"
EG_ICMP_TYPES="all"
IPTLOG="/var/log/apf_log"
DROP_LOG="1"
LRATE="60"
CNFINT="$FWPATH/internals/internals.conf"
. $CNFINT

In SSH, start the firewall:

Code:

/etc/init.d/apf start

DONE

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
What Firewall software do you use?	gkd_uk	Computer and Software Forum	2	11-02-2007 09:43 PM
Installing Windows XP on other computers	Duke	Computer and Software Forum	8	08-29-2005 07:25 AM
How your firewall can destroy your search engine rankings	ovi	General Search Engine Discussions	0	08-08-2005 07:07 PM
Installing Chkrootkit	stealthhosts	Computer and Software Forum	0	08-06-2005 11:09 PM
Installing mod_security	stealthhosts	Computer and Software Forum	1	08-06-2005 10:51 PM