morphinelips
06-23-2004, 11:40 AM
Hi, I've had an issue with a customer of mine not being able to reach my ev1 server. I just received an email from tech support over there that told me that my apf rules were blocking that customer's specific IP address.
Hopefully this isn't too general of a question, but what is it likely to be within conf.apf that would need adjusting? I didn't set this up initially and so am a bit in the dark..
blockcipher
06-23-2004, 11:44 AM
vi /etc/apf/deny_hosts.rules
See if there are any IPs in there.
eth00
06-23-2004, 11:59 AM
Once you remove it from that file don't forget to restart apf
apf -r
morphinelips
06-23-2004, 12:00 PM
Strange, I don't even have that file..
morphinelips
06-23-2004, 12:02 PM
I do have a drop_hosts.rules which appears to be the same thing, but it is an empty file.
blockcipher
06-23-2004, 12:02 PM
What version of APF do you have? There should be a VERSION file in /etc/apf. You might want to grab the newest version and re-install as well.
blockcipher
06-23-2004, 12:05 PM
Do you have AD or DS set to "1" in conf.apf? Look for that as well. You could also stop APF temporarily and have your client try to access the server. That will tell you if it's the firewall or not.
morphinelips
06-23-2004, 12:05 PM
I don't see a version file.. If I do update to the newest version, will it keep my current settings? I'm a firewall newbie and don't want to expose any vulnerabilities.
blockcipher
06-23-2004, 12:09 PM
Here is a step by step howto.
http://www.hostinglife.com/security/apf.php
morphinelips
06-23-2004, 12:11 PM
USE_DS is set to 0. I'll look into changing that.
As for turning the APF off, tech support at ev1 did that and then ran a tracert back to the customer's IP and it seemed to work. So they concluded that the problem is with the firewall.
Thanks for the step by step guide btw, I'll use that.
blockcipher
06-23-2004, 12:17 PM
When I upgraded mine it seemed to keep some of my settings. The new version of APF should fix you up. I hope. Let me know how it goes!
hostito
06-23-2004, 01:24 PM
The older versions do not have a lot of the BOGON IPs that have been released recently. You should check out the APF forum as well.
Try cat /etc/apf/VERSION and compare what you got with what is latest.
HTH :)
pizzaboy_au
06-24-2004, 03:42 AM
Try finding the ip address in the following file:
/etc/apf/ad/ad.rules
Once you find the ip address delete it and then restart APF with
service apf restart
That should work!
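An added example, not part of any post in this thread: a small script that reports which entry in the rule files mentioned above covers a given IP, including range (CIDR) entries that a plain text search for the address would miss. The entry format it parses is an assumption (bare IPv4, IPv4/prefix, or an address embedded as `s=a.b.c.d`, with `#` comments), and the sample data is constructed.

```python
import ipaddress
import re
import sys
from pathlib import Path

# Rule files named in this thread; other APF versions may use different names.
RULE_FILES = ["/etc/apf/deny_hosts.rules", "/etc/apf/drop_hosts.rules",
              "/etc/apf/ad/ad.rules"]

# Assumption: an entry is any IPv4 address, optionally with a /prefix, found on
# a non-comment line (bare "a.b.c.d", "a.b.c.d/nn", or embedded "s=a.b.c.d").
ENTRY = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?:/(\d{1,2}))?(?![\d.])")

def matches(ip, text):
    """Return (line_number, entry) pairs in text whose address or range covers ip."""
    target = ipaddress.ip_address(ip)
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0]          # drop trailing comments
        for addr, prefix in ENTRY.findall(line):
            entry = addr + ("/" + prefix if prefix else "")
            try:
                net = ipaddress.ip_network(entry, strict=False)
            except ValueError:
                continue                       # e.g. 999.1.1.1 or a /33 prefix
            if target in net:
                hits.append((lineno, entry))
    return hits

def scan(ip, paths=RULE_FILES):
    """Check every rule file that exists; return {path: [(line_number, entry)]}."""
    found = {}
    for p in map(Path, paths):
        if p.is_file():
            hits = matches(ip, p.read_text(errors="replace"))
            if hits:
                found[str(p)] = hits
    return found

# Constructed sample in the assumed format (documentation address ranges).
SAMPLE = """\
# constructed sample entries, not from any real server
203.0.113.9
198.51.100.0/24   # a range entry
tcp:in:d=22:s=192.0.2.7
"""

if __name__ == "__main__":
    ip = sys.argv[1] if len(sys.argv) > 1 else "198.51.100.77"
    print("sample:", matches(ip, SAMPLE))
    for path, hits in scan(ip).items():
        for lineno, entry in hits:
            print(f"{path}:{lineno}: {entry} covers {ip}")
```

Run it as root with the customer's IP as the only argument; an empty result from every file points away from a static deny entry.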
dlc2000
06-24-2004, 05:37 AM
I have a similar problem: when I restart my server about 50% of sites are down, and to get it up again I need to stop and start APF! Any idea?
hostingNIS
11-19-2004, 06:25 PM
BFD keeps blocking everyone, can anyone help?