Thread: APF problems

  1. #1
    Join Date
    Apr 2005
    Location
    Tinterweb
    Posts
    556

    APF problems

    I have just got an ssh issue sorted 10 minutes ago, now I have a problem with APF.
    I decided to install CSF, went ok, disabled APF. Didn’t like CSF too much and didn’t have time to configure it correctly. So uninstalled CSF, now APF is my main firewall, but for some reason it doesn’t want to block ports, even though I have only enabled certain ports to be allowed such as 21, 80 etc. Restarted APF, rebooted server.
    If anyone has any ideas please let me know.

  2. #2
    Join Date
    Aug 2003
    Location
    Florida
    Posts
    181
    Any chance you accidentally rebooted to a different kernel without iptables? No change in the APF conf at all since your working pre-CSF install, right?
    Tyler
    www.AdminZoom.com
    "Server Administration Done Right"

    Server setup, hardening, migrations and more

  3. #3
    Join Date
    Apr 2005
    Location
    Tinterweb
    Posts
    556
    I only rebooted when this issue arose. iptables is installed and working.
    APF working and configured. It's just not blocking ports for some reason.

  4. #4
    Join Date
    May 2006
    Location
    India
    Posts
    661
    These are the possibilities I could think of:

    1) Your main IP is on eth1 and you have APF configured for eth0.
    2) You have multiple uncommented entries of IG_TCP_CPORTS in apf conf. Only the last entry matters.

    Before that, check whether it's only APF that controls your firewall. To check that, stop APF and list your iptables rules (iptables -L -n). If you still have non-empty rulesets listed, APF no longer has any control over the firewall. In that case, you will need to dig further.
    SparkSupport.Com - The Premier Tech Company
    Cloud Solutions|Email Infra setup|VOIP|Video Streaming|Software Development
    Email: info@sparksupport.com Phone : 1- 408-600-1449 | Skype : shijils
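
The two misconfigurations listed in post #4 can be checked mechanically. The script below is an added example, not part of the original thread or of APF itself; it assumes conf.apf uses shell-style VAR="value" lines, that IFACE_IN is the inbound-interface variable, and that port ranges are written lo_hi. The sample config is constructed.

```shell
# Added example, not APF code. Assumptions: shell-style VAR="value" lines,
# IFACE_IN as the inbound-interface variable, port ranges written lo_hi.

# Print each uncommented assignment of VAR ($2) in FILE ($1) as "lineno:value".
apf_assignments() {
    awk -v var="$2" '
        /^[ \t]*#/ { next }                       # commented-out entry
        { line = $0; sub(/^[ \t]+/, "", line)
          if (index(line, var "=") != 1) next     # some other setting
          val = substr(line, length(var) + 2)
          sub(/[ \t]*#.*$/, "", val); gsub(/"/, "", val)
          print NR ":" val }' "$1"
}

# The value that takes effect: the last uncommented assignment.
apf_effective() { apf_assignments "$1" "$2" | tail -n 1 | cut -d: -f2-; }

# How many uncommented assignments exist (more than 1: earlier ones are dead).
apf_count() { apf_assignments "$1" "$2" | wc -l | tr -d ' '; }

# Succeed if PORT ($2) is covered by an APF port list ($1).
port_allowed() {
    echo "$1" | tr ',' '\n' | awk -F_ -v p="$2" '
        NF == 1 && $1 == p            { ok = 1 }
        NF == 2 && p >= $1 && p <= $2 { ok = 1 }
        END { exit !ok }'
}

# Report both conditions; $2 is the interface that carries the main IP.
apf_audit() {
    rc=0
    n=$(apf_count "$1" IG_TCP_CPORTS)
    [ "$n" -le 1 ] || { echo "WARN: $n active IG_TCP_CPORTS lines; in effect: $(apf_effective "$1" IG_TCP_CPORTS)"; rc=1; }
    cfg_if=$(apf_effective "$1" IFACE_IN)
    [ -z "$2" ] || [ "$cfg_if" = "$2" ] || { echo "WARN: APF filters $cfg_if but the main IP is on $2"; rc=1; }
    return $rc
}

# Constructed sample config reproducing both mistakes.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
IFACE_IN="eth0"
# IG_TCP_CPORTS="22"
IG_TCP_CPORTS="21,80"
IG_TCP_CPORTS="21,22,25,80,443,30000_35000"   # left over from an earlier edit
EOF
apf_audit "$SAMPLE" eth1 || true
```

On a real server, call apf_audit with the path to the APF config (commonly /etc/apf/conf.apf) and the interface that holds the main IP.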

  5. #5
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,588
    Yep, check your iptables rules and make sure APF is actually loading the ruleset: iptables -L

  6. #6
    Join Date
    Apr 2005
    Location
    Tinterweb
    Posts
    556
    When I stop APF, I have an empty rule set; when I start APF the rules are loaded.

  7. #7
    Join Date
    Apr 2005
    Location
    Tinterweb
    Posts
    556
    Just done an APF re-install, seems to be blocking the correct ports.