HostOnNet Blog

HOWTO: APF Firewall

APF (Advanced Policy Firewall) is a modular iptables-based firewall designed for ease of use and configurability.

APF requires Red Hat 7.2 or better.

Both quick-start and custom rules configurations are supported.

APF has built-in support for DShield.org’s “block” list of networks that have exhibited suspicious activity and that you might consider blocking.

– Installation

Install the downloaded RPM package with rpm -Uvh.

– Configuration:

APF general configuration settings are kept in /etc/apf/conf.apf. In the TCP_CPORTS and UDP_CPORTS lines of this file, specify the ports that must be open to the outside world across all IPs on the system being protected. APF has built-in support for common web hosting ports; these would be 21, 25, 80, 110, and 443.

For example, on Ensim this would be 22 and 19638 on TCP. For Plesk, it would be 22 and 8443. You would also need 53 for DNS, and other ports as needed.

Example:

# Common TCP Ports
TCP_CPORTS="21,22,25,53,80,110,143,443,19638"

# Common UDP Ports
UDP_CPORTS="53"
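Port lists copied from a web page or word processor can pick up typographic quotes and stray spaces before they land in conf.apf. The lint check below is an added example, not part of APF or the original post; the function name check_port_list and the sample text are constructed, and it assumes each list holds only comma-separated single port numbers.

```shell
#!/bin/sh
# Added example: lint one port-list variable from conf.apf-style text.
# Assumption: values are comma-separated single port numbers, as on this page.

# check_port_list NAME CONFIG_TEXT -> prints "NAME: <verdict>", returns 0 only if OK
check_port_list() {
    cpl_name=$1
    # Take the last assignment if the variable is set more than once.
    cpl_line=$(printf '%s\n' "$2" | grep -E "^[[:space:]]*${cpl_name}=" | tail -n 1)
    if [ -z "$cpl_line" ]; then echo "$cpl_name: MISSING"; return 1; fi
    cpl_value=${cpl_line#*=}
    # Typographic quotes (” ″) copied from a web page are not shell quotes.
    case $cpl_value in
        \"*\") cpl_value=${cpl_value#\"}; cpl_value=${cpl_value%\"} ;;
        *) echo "$cpl_name: BAD_QUOTES"; return 1 ;;
    esac
    if printf '%s' "$cpl_value" | grep -q '[[:space:]]'; then
        echo "$cpl_name: WHITESPACE"; return 1
    fi
    # Walk the list field by field; an empty field means a stray comma.
    cpl_rest=$cpl_value,
    cpl_count=0
    while [ -n "$cpl_rest" ]; do
        cpl_p=${cpl_rest%%,*}
        cpl_rest=${cpl_rest#*,}
        case $cpl_p in
            ''|*[!0-9]*) echo "$cpl_name: BAD_PORT '$cpl_p'"; return 1 ;;
        esac
        if [ "${#cpl_p}" -gt 5 ] || [ "$cpl_p" -lt 1 ] || [ "$cpl_p" -gt 65535 ]; then
            echo "$cpl_name: OUT_OF_RANGE $cpl_p"; return 1
        fi
        cpl_count=$((cpl_count + 1))
    done
    echo "$cpl_name: OK $cpl_count"
}

# Constructed sample input: the example as pasted from a web page, then cleaned up.
SAMPLE_PASTED='# Common TCP Ports
TCP_CPORTS=”21,22,25,53,80,110,143, 443, 19638″
UDP_CPORTS="53"'
SAMPLE_FIXED='TCP_CPORTS="21,22,25,53,80,110,143,443,19638"
UDP_CPORTS="53"'

for cpl_var in TCP_CPORTS UDP_CPORTS; do
    check_port_list "$cpl_var" "$SAMPLE_PASTED" || true
    check_port_list "$cpl_var" "$SAMPLE_FIXED" || true
done
```

To lint a real file, pass its contents as the second argument, for example check_port_list TCP_CPORTS "$(cat /etc/apf/conf.apf)".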

Please review the /usr/share/doc/apf-0.8.4/README file for further details.
