Results 1 to 4 of 4
  1. #1
    Join Date
    Apr 2006

    Another good firewall ? (already tried APF)

    Im using APF and CSF in some cpanel and ensim server, however.. in RHEL 3 & 4 servers APF is causing lot of troubles with proftpd connections... and now with SSL certificated sites... My question is..

    Do you know another good firewall for plain redhat servers ?


  2. #2
    Join Date
    Sep 2002
    Top Secret
    To resolve the issue with APF and proftpd connections, you can try the same fix that works with CSF. Simply open up that gigantic hole in the firewall.
    Unfortunately, this is a problem with software not following standards rules (ie: restricting connections to a certain port).

    Alternatively, you can use SFTP (ftp over ssh2) which should solve that issue as well.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Linux Problems? WHMCS Issues? +1-866-546-8914 (linux-14) or @whmcsguru on twitter!

  3. #3
    Join Date
    Mar 2003
    California USA
    Are you using apf in a monolithic mode? If so there is your problem. In a real world situation with conntrack_ftp the system should open the ports for ftp as needed.
    Steven Ciaburri | Proactive Linux Server Management -
    Managed Servers (AS62710), Server Management, and Security Auditing.

  4. #4
    Join Date
    Apr 2006
    In APF I already opened the TOS range for 45000:50000 for example (having 5000 ports only for ftp daemon), then also opened those in the ingress rules.. and still having the same issue... This problem happens even if I use proftp in the standart port or in a different one.

    Also.. I dont have monolitic mode on, SET_MONOKERN="0" .

    Anyway, do you know another good firewall for Ensim and Plain RedHat servers ?

    Thank you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts