Page 2 of 2 FirstFirst 12
Results 26 to 39 of 39
  1. #26
    Join Date
    Dec 2004
    Location
    India, USA
    Posts
    364
    Hi,

    I installed it and then came to know that i can't have this on a VPS. Please tell me how to un-install it ? I tried rpm -e apf but it did not worked.

    Thanks.

  2. #27
    Join Date
    Jul 2005
    Location
    Beverly Hills, CA.
    Posts
    245
    Originally posted by Tapan
    Hi,

    I installed it and then came to know that i can't have this on a VPS. Please tell me how to un-install it ? I tried rpm -e apf but it did not worked.

    Thanks.
    rpm -qa | grep AFP or apf (look for the RPM)

    once you find the rpm

    rpm -e <name>

    Done. If you cant find it, PM me and ill help you.

  3. #28
    IG_TCP_CPORTS is that the one i should change ports in?

  4. #29
    Join Date
    Aug 2004
    Posts
    58
    Hi!

    i have installed apf on cpanel. the current settings open all the konwn ports and allow connection from all ips.


    what i want,

    i want to allow port 80 to be open for whole world


    and all the other ports available for only local 192.168.0.* and certain other ips.

    what changes should i do ?

  5. #30
    Join Date
    Apr 2002
    Location
    Troy, MI
    Posts
    324
    Originally posted by tsook
    @ 93.3

    How did you solve that problem?

    *
    lsmod: QM_MODULES: Function not implemented

    Unable to load iptables module (ip_tables), aborting.
    *
    enable mono kern option in conf.apf
    Ryan MacDonald
    Lead Administrator | TotalChoice Hosting
    Choice Does Matter! | Serving over 26,000 clients

  6. #31
    Does anybody have a tutorial on installing APF under Debian?

    When I ran the installer, it gave an error message about /etc/rc.d not existing.

    Also when I run /usr/local/sbin/apf -s I do not see a process running that would correlate, which seems to indicate to me that it's not running?

    And I do not see an init script in /etc/init.d/ as the documentation says their should be.

    Any ideas?

  7. #32
    Does anyone know what's the deal with the ./firewall executable in /etc/apf ?

  8. #33
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    Quote Originally Posted by Necroist
    Does anyone know what's the deal with the ./firewall executable in /etc/apf ?
    It's not an exe, it's a standard shell script, which is made +x
    The file is the handler for most of the firewall rules out there. It defines what ports are open, what are closed, and it's called on startup. Don't play in here unless you know what you're doing
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons

  9. #34
    Join Date
    Sep 2005
    Location
    In canada
    Posts
    3,374
    Quote Originally Posted by OneBinary
    Does anybody have a tutorial on installing APF under Debian?

    When I ran the installer, it gave an error message about /etc/rc.d not existing.

    Also when I run /usr/local/sbin/apf -s I do not see a process running that would correlate, which seems to indicate to me that it's not running?

    And I do not see an init script in /etc/init.d/ as the documentation says their should be.

    Any ideas?

    Type iptables -L and look at the list of rules if its blank than its not running,

    Just to make sure u understand by blank type /usr/local/sbin/apf -f and type iptables -L

    And than type /usr/local/sbin/apf -s and again type iptables -L .

    If both outputs are same that means its not running but if output are differnt its running.

    And do not use the rules as defined by Hoob as you will end up blocking yourself out of ssh.

    If you want to be able to access SSH in UDP port instead of 37 use 22 , cause seems like he is using 37 for ssh port.

    cheers


    Quote Originally Posted by Hoobastank68
    Hi,


    UDP_CPORTS="37,53,873"

    Many other options in which you can enable inside the config. Please take time to configure.
    Last edited by Energizer Bunny; 05-03-2006 at 08:55 PM.
    12+ years -same website , new server [SSD Inside] providing shared/reseller hosting only !
    These things we do not provide/offer : Unlimited Storage ! Unlimited Bandwidth ! But Why? Cause, we were unable to put such a large number on our pages, it just would not fit.
    So check out the numbers that actually fit >> << the page as well as your budget too !

  10. #35

    * Problems with APF / BFD

    I recently installed APF/BFD on our linux boxes. The installation went through very well without any issues.The website and other services on the servers were also functioning very well.

    However at 2:00 AM the following day, I got a alert that the website is down and I tried to SSH to the server. Unfortunately the server did not allow me that. I realised that I was completely locked out and I had the datacenter personnel to logon at the console and have him uninstall BFD and reboot the server. After the server reboot I was able to SSH to the server. I removed the apf from chkconfig and rebooted the server again. Everything looked good until 2:00 AM the next day. Again the website was down and the server became inaccessible. Agian I had the datacenter personnel to restart the server and evrything backup normal.

    Later I realised that there was a cron job fw. ( I guess it was running at 2:00 AM).. After removing the cron job everthing is working normally , but still having SSH brute force attack.

    Could anyone help me to implement APF/BFD on my linux boxes? I am not sure where I am going wrong in configuring the firewall.

    I appreciate your help

    thanks

    gspai

  11. #36
    Join Date
    Nov 2005
    Posts
    78
    I am getting this when trying to run APF:

    [root@ip- apf]# ./apf -s
    eth0: error fetching interface information: Device not found
    eth0: error fetching interface information: Device not found
    eth0: error fetching interface information: Device not found
    Development mode enabled!; firewall will flush every 5 minutes.
    Opening /proc/modules: No such file or directory
    Unable to load iptables module (ip_tables), aborting.

    How to fix it?

  12. #37
    I've been running APF 0.92 after installing it normally. My server is located in a server farm about 40 miles from me.

    All went well for months, but then I rebooted the machine. Mistake.
    It wouldn't come up.

    I had to visit my machine in person and boot it up interactively, saying "NO" to have APF activated on the boot up.

    That was the trick, and the machine then booted normally.

    So, how do I change the config so as to either not include APF on the bootup or otherwise whitelist my own server farm port/ip/whatever issues so the machine boots up remotely???

    (I think I can remember enough of the config to make sure it's not in the bootup sequence, but I'll have to read on that.)

    But the issue of not being able to boot up cold with APF in the sequence bugs me, because at the moment that means I can't reboot with APF installed.

    Any help?

  13. #38
    Join Date
    Oct 2004
    Location
    Ohio
    Posts
    1,668
    Look for the line VF_UTIME="0", change that to say a 60 seconds or so and it should be fine. This option will tell APF not to start till the server has been up for a set amount of time. If you still have problems after changing it, increase the time and try again. Hope this helps.

  14. #39
    Quote Originally Posted by Chris_M
    Look for the line VF_UTIME="0", change that to say a 60 seconds or so and it should be fine. This option will tell APF not to start till the server has been up for a set amount of time. If you still have problems after changing it, increase the time and try again. Hope this helps.
    Aha! Thank you! I'll try that... although it may be a while before I'm close enough to the server to make sure it'll boot if things go wrong!

    Appreciate that tip!

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •