hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : APF Firewall - Problem Starting
Reply

Forum Jump

APF Firewall - Problem Starting

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 08-07-2004, 11:41 AM
wscreate wscreate is offline
Disabled
 
Join Date: Apr 2001
Posts: 182

APF Firewall - Problem Starting


Hi. I have installed the APF firewall on a RH Linux 9 box with Cpanel and Apache 1.3.31.

When I try to start it, I get this error.

root@ns [~]# service apf start
Starting APF:/usr/local/sbin/apf: $IPTLOG: ambiguous redirect
/usr/local/sbin/apf: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
..........

And I have to stop the command via <ctrl> c

What could be the source of this problem? I cannot seem to be able to find the $IPTLOG variable.



Sponsored Links
  #2  
Old 08-07-2004, 02:56 PM
wscreate wscreate is offline
Disabled
 
Join Date: Apr 2001
Posts: 182
Strange this is, this firewall used to work fine until recently. I do not know what has changed to affect this.

  #3  
Old 08-07-2004, 06:33 PM
Rahil Rahil is offline
Aspiring Evangelist
 
Join Date: Jun 2003
Location: Toronto, Ontario, Canada
Posts: 441
Check your conf.apf for errors and/or missing lines?

Sponsored Links
  #4  
Old 08-07-2004, 07:00 PM
sprintserve sprintserve is offline
Retired Moderator
 
Join Date: Jan 2003
Posts: 9,004
What version of APF?

__________________
Like us on Facebook to qualify for discounts!
http://www.sprintserve.net
Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting |
Services: | Managed Multiple Cores 64bit Servers | Server Management |

  #5  
Old 08-07-2004, 07:14 PM
wscreate wscreate is offline
Disabled
 
Join Date: Apr 2001
Posts: 182
Quote:
Originally posted by sprintserve
What version of APF?
Version 0.9.3

  #6  
Old 08-07-2004, 07:18 PM
wscreate wscreate is offline
Disabled
 
Join Date: Apr 2001
Posts: 182
I did find the $iptlog variable.... Here is the code from /etc/apf/internals/function.apf

I see the $iptlog variable in the last line of the code below

You know, the only thing I did in the past weeks is I used "./scripts/securetmp" (CPanel server) to secure the /tmp directory on this server. Surely that has not interfered with this firewall?

========== CODE function.apf =============
##
echo "Inserted into firewall: Allow all to/from $HOST"
fi
else
echo "an FQDN or IP address is required for this option"
fi
}

d_cli_tr() {
HOST=$1
if [ ! "$HOST" == "" ]; then
val=`cat /etc/apf/deny_hosts.rules | grep -w $HOST`
if [ ! "$val" == "" ]; then
echo "$HOST already exists in trust system"
else
echo "$HOST" >> /etc/apf/deny_hosts.rules
$IPT -I INPUT -s $HOST -i $IF -j $DSTOP
$IPT -I OUTPUT -d $HOST -o $IF -j $DSTOP
eout "(insert) deny all to/from $HOST"
echo "Inserted into firewall: Deny all to/from $HOST"
fi
else
echo "an FQDN or IP address is required for this option"
fi
}

flush() {
if [ ! "$1" = "1" ]; then
eout "flushing & zeroing chain policies"
fi
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
for i in $chains; do $IPT -t $i -F; done
for i in $chains; do $IPT -t $i -X; done
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
if [ ! "$1" = "1" ]; then
eout "firewall offline"
fi
}

list() {
echo "Loading chain rules..."
:> /tmp/ipt.chains ; chmod 600 /tmp/ipt.chains
$IPT --line-numbers --list >> /tmp/ipt.chains
echo "Opening editor"
/usr/bin/pico -w /tmp/ipt.chains
clear
rm -f /tmp/ipt.chains
}

status() {
echo "$NAME Status Log:"
tac $IPTLOG | more
}

==============================

  #7  
Old 08-08-2004, 02:37 AM
BitOMagic BitOMagic is offline
Temporarily Suspended
 
Join Date: Jun 2004
Posts: 214
Try to do the follownig

service apf restart

If you have run /scripts/securetmp while having the firewall running. It may be a smart thing to restart APF.

  #8  
Old 08-08-2004, 11:35 AM
wscreate wscreate is offline
Disabled
 
Join Date: Apr 2001
Posts: 182
Quote:
Originally posted by BitOMagic
Try to do the follownig

service apf restart

If you have run /scripts/securetmp while having the firewall running. It may be a smart thing to restart APF.
Right. I have restarted apf. That's when I noticed that the error happens....


root@ns [~]# service apf restart
Stopping APF:/etc/init.d/apf: $IPTLOG: ambiguous redirect
/etc/init.d/apf: $IPTLOG: ambiguous redirect
[ OK ]
Starting APF:/usr/local/sbin/apf: $IPTLOG: ambiguous redirect
/usr/local/sbin/apf: $IPTLOG: ambiguous redirect
/usr/local/sbin/apf: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect
/etc/apf/firewall: $IPTLOG: ambiguous redirect

Reply

Related posts from TheWhir.com
Title Type Date Posted
GoGrid Adds New Firewall Services to Cloud SDN Architecture Web Hosting News 2013-04-11 10:50:21
Phoenix NAP Adds Firewall and Storage Capabilities to Secured Servers Web Hosting News 2013-01-21 14:15:08
Interoute Launches Cloud Firewall Service for Real-time View into Security Threats Web Hosting News 2012-12-04 16:00:56
Web Host HostGee Rolls Out Managed Firewall Cluster Service Web Hosting News 2012-10-22 15:36:38
Cloud Provider FiberCloud Offers Virtual Firewall Protection Web Hosting News 2012-05-08 12:15:24


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?