Debian
As a web host, your servers are constantly being attacked by hackers using denial-of-service (DoS) and other brute-force attacks. There is no foolproof method to stop 100% of all attacks, but there are ways to protect your servers by applying firewall rules, and by detecting and banning attacking IPs.
I am posting this tutorial so that anyone can follow it using the steps below:
Install: APF -- Advanced Policy-based Firewall
What is APF?
Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom of the configuration file. The management of APF on a day-to-day basis is conducted from the command line with the ‘apf’ command, which includes detailed usage information and all the features one would expect from a current and forward thinking firewall solution.
APF is one of the best firewalls out there and is an important component in your server security. Every server should have a firewall installed!
How to install APF
Code:
# cd /usr/src
# mkdir utils
# cd utils
# wget http://rfxnetworks.com/downloads/apf-current.tar.gz
# tar xfz apf-current.tar.gz
# cd apf-*
# ./install.sh
Read the README.apf and README.antidos for configuration options. Edit /etc/apf/conf.apf and modify the following lines to suit your needs.
Code:
DEVEL_MODE="0"
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,3306,7171,7172"
IG_UDP_CPORTS="53,111"
USE_AD="1"
Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.
For more information about APF configuration, please feel free to consult http://rfxnetworks.com/appdocs/README.apf
Please note that APF has a very nice log that you can check. For example, you can tail the last 10 rows of this file
By default, APF is set up to run in development mode, which flushes the firewall rules every 5 minutes. Running in development mode defeats the purpose of running APF, as it will automatically flush every 5 minutes. Configure the ingress (inbound) TCP and UDP ports that need to be opened. Finally, enable AntiDos by setting USE_AD="1".
Edit /etc/apf/ad/conf.antidos as you see fit, and start the APF firewall.
Code:
# apf --start
Forgive my bad English and I hope that this serves someone
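An added example, not part of the original post and not APF's own code: a pre-start check of the conf.apf settings the tutorial edits, flagging development mode left on, AntiDos left off, and any ingress port that is not on a list the admin intends to expose. The function names, the sample file and the allow-list are constructed assumptions.

```shell
#!/usr/bin/env bash
# Added example (not part of APF): audit a conf.apf-style file before "apf --start".

# Print the value of KEY="value"; commented-out lines are ignored, last assignment wins.
conf_get() {
    sed -n "s/^[[:space:]]*$2=\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# Usage: audit_apf_conf FILE ALLOWED_TCP ALLOWED_UDP   (comma-separated port lists)
# Prints space-separated findings; returns 0 only when there are none.
audit_apf_conf() {
    local conf="$1" key allowed port findings=""
    [ -r "$conf" ] || { echo "UNREADABLE"; return 2; }
    # Development mode flushes the rules every 5 minutes, so it must be off.
    [ "$(conf_get "$conf" DEVEL_MODE)" = "0" ] || findings="$findings DEVEL_MODE_ON"
    [ "$(conf_get "$conf" USE_AD)" = "1" ] || findings="$findings ANTIDOS_OFF"
    # Every ingress port must be one the admin deliberately exposes.
    for key in IG_TCP_CPORTS IG_UDP_CPORTS; do
        if [ "$key" = IG_TCP_CPORTS ]; then allowed=",$2,"; else allowed=",$3,"; fi
        for port in $(conf_get "$conf" "$key" | tr ',' ' '); do
            case "$allowed" in
                *",$port,"*) ;;
                *) findings="$findings UNEXPECTED_${key%_CPORTS}:$port" ;;
            esac
        done
    done
    echo "${findings# }"
    [ -z "$findings" ]
}

# Constructed sample: the post's port lists, but with DEVEL_MODE left at "1".
write_sample_conf() {
    cat > "$1" <<'EOF'
# DEVEL_MODE="0"
DEVEL_MODE="1"
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,3306,7171,7172"
IG_UDP_CPORTS="53,111"
USE_AD="1"
EOF
}

sample=$(mktemp)
write_sample_conf "$sample"
# Hypothetical policy: this host should only expose SSH, DNS and web.
audit_apf_conf "$sample" "22,53,80,443" "53" || true
rm -f "$sample"
```

Point it at /etc/apf/conf.apf with your own port lists; a non-zero exit status means the file still needs attention.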