01-17-2004, 11:49 PM
|
|
WebHostingTalk Lover
|
|
Join Date: Mar 2003
Location: New York City
Posts: 7,393
|
|
APF FireWall Installation [Easy]
Hi,
This is a pretty simple How-to for installing APF Firewall.
1) Install:
wget http://www.rfxnetworks.com/downloads/apf-current.rpm
rpm -Uvh apf-current.rpm
2) Edit:
/etc/apf/conf.apf
DEVM="0" - set to 0 only if you are sure that firewall works good
(Common Cpanel Ports, please re-configure for your use)
TCP_CPORTS=" 21,22,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096,3306,7786" (in one line!)
UDP_CPORTS="37,53,873"
Many other options in which you can enable inside the config. Please take time to configure.
3) Restart APF
To Enable Pings:
pico -w /etc/apf/icmp.rules
Uncomment:
# Uncomment to enable pings
# $IPT -t filter -A INPUT -p icmp --icmp-type 8 -m limit --limit $ICMP_LIM/s -j ACCEPT
Then restart APF
------------------------------
commands:
/etc/rc.d/init.d/apf stop
/etc/rc.d/init.d/apf start
/etc/rc.d/init.d/apf restart
Thanks to EV1 Forum for much info on this.
Last edited by eBoundary; 01-19-2004 at 10:18 AM.
|
01-18-2004, 02:02 PM
|
|
Web Hosting Master
|
|
Join Date: Jan 2001
Location: Illinois, USA
Posts: 7,147
|
|
Thanks for the How-To!
Hopefully someone can follow this up with a detailed tutorial on how to configure APF
<edit>signature removed</edit>
Last edited by choon; 02-17-2004 at 03:29 PM.
|
01-19-2004, 01:54 AM
|
|
Web Hosting Master
|
|
Join Date: Apr 2001
Posts: 2,588
|
|
3 things,
1. I believe Ryan ( APF Author ) has recommended against the rpm.. and it may be outdated.
2. Why reboot?
3. This how-to seems to be fairly outdated, compared to the most recent APF versions.
Edit: I should also note for future readers that the above seems to be targeted towards cpanel / whm systems.
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:16 PM.
|
01-19-2004, 10:16 AM
|
|
WebHostingTalk Lover
|
|
Join Date: Mar 2003
Location: New York City
Posts: 7,393
|
|
Quote:
Originally posted by Haze
3 things,
1. I believe Ryan ( APF Author ) has recommended against the rpm.. and it may be outdated.
2. Why reboot?
3. This how-to seems to be fairly outdated, compared to the most recent APF versions.
Edit: I should also note for future readers that the above seems to be targeted towards cpanel / whm systems.
|
Sorry, I meant by restart apf, not reboot..
It be great if you can contribute a How-To for APF. (No RPM)
Also, these arent targeted towards only cpanel systems.
Cheers.
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:16 PM.
|
01-19-2004, 11:46 AM
|
|
Web Hosting Master
|
|
Join Date: May 2003
Location: Lewisville, Tx
Posts: 1,590
|
|
The documentation for APF is very clear and it is a very simple install. Basically untar it and run ./install.sh. The version outlined above is an old one as the port defining sections have changed in 0.9.3. In Ryan's forums there are sections of what he leaves open for different panels.
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:17 PM.
|
01-19-2004, 06:50 PM
|
|
WebHostingTalk Lover
|
|
Join Date: Mar 2003
Location: New York City
Posts: 7,393
|
|
Hi,
Ok anyways, here's installing without using RPM, this is a newer version of APF.
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -xzf apf-current.tar.gz
cd /apf-0.9.3_3
./install.sh
Your set 
Remember to edit config etc..and read the README.
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:17 PM.
|
01-22-2004, 03:45 PM
|
|
Junior Guru
|
|
Join Date: Apr 2002
Location: Canada
Posts: 239
|
|
Last edited by choon; 02-09-2004 at 09:18 PM.
|
01-22-2004, 05:06 PM
|
|
WebHostingTalk Lover
|
|
Join Date: Mar 2003
Location: New York City
Posts: 7,393
|
|
Yea just saw that one posted on burst's forum, pretty good how-to as well 
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:18 PM.
|
02-04-2004, 01:39 AM
|
|
Web Hosting Master
|
|
Join Date: Dec 2003
Location: Canada
Posts: 791
|
|
lsmod: QM_MODULES: Function not implemented
Unable to load iptables module (ip_tables), aborting.
Any ideas?
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:18 PM.
|
02-05-2004, 08:10 PM
|
|
Web Hosting Master
|
|
Join Date: Dec 2003
Location: Canada
Posts: 791
|
|
Nevermind, I got it running.
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:19 PM.
|
02-07-2004, 04:13 AM
|
|
Web Hosting Guru
|
|
Join Date: Apr 2003
Posts: 267
|
|
and how to remove APF ? I'v install a rpm (old one ) and how to remove it to install a new one ?
|
02-07-2004, 11:22 PM
|
|
WebHostingTalk Lover
|
|
Join Date: Mar 2003
Location: New York City
Posts: 7,393
|
|
Try rpm -e apf
<edit>signature removed</edit>
Last edited by choon; 02-09-2004 at 09:19 PM.
|
02-27-2004, 07:08 PM
|
|
Junior Guru
|
|
Join Date: Jun 2002
Posts: 233
|
|
Quote:
Originally posted by 93.3
lsmod: QM_MODULES: Function not implemented
Unable to load iptables module (ip_tables), aborting.
Any ideas?
<edit>signature removed</edit>
|
If your kernel is compiled with iptables statically instead of as a module you need to do this in the conf.apf MONOKERN="0" Set it to "1" and then try start APF again.
|
02-27-2004, 07:47 PM
|
|
WebHostingTalk Lover
|
|
Join Date: Mar 2003
Location: New York City
Posts: 7,393
|
|
Quote:
Originally posted by SynHost
If your kernel is compiled with iptables statically instead of as a module you need to do this in the conf.apf MONOKERN="0" Set it to "1" and then try start APF again.
|
Yep, that should take care of it. Older version though don't have this option.
|
03-09-2004, 01:19 AM
|
|
Junior Guru
|
|
Join Date: Feb 2004
Posts: 206
|
|
lsmod: QM_MODULES: Function not implemented
I am only getting the following error: lsmod: QM_MODULES: Function not implemented wil making the same change to the config file work as well?
Thanks, Kevin
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
