How to install or Uninstall APF (Advance Policy Firewall) on CentOS

APF Advance Policy firewall that provides you an easy way to configure iptables rules. This is a short snippet how can you install/configure or uninstall APF on your Linux Server.

wget http://www.rfxn.com/downloads/apf-current.tar.gz

tar -zxvf apf-current.tar.gz

cd apf-9.7-2

./install.sh

APF installation is completed.

How to allow specific incoming ports in APF ? e.g 80,21

vim /etc/apf/conf.apf

Replace

IG_TCP_CPORTS="22"

To

IG_TCP_CPORTS="22,21,80"

One thing more, When you start APF for the first time, it runs in DEVEL mode so you have to disable that else it would flush all rules every 5 minutes.

To disable devel mode, Set it to “0″

DEVEL_MODE="0"

To block certain IP e.g 123.456.7.89 add it to /etc/apf/deny_hosts.rules

To allow certain ip for specific port e.g allow 123.45.6.78 to access 8088

Add following rule to /etc/apf/allow_hosts.rules

d=8088:s=123.45.6.78

Make sure, what ever changes you made to those files you need to reload APF service.

service apf restart

How to Uninstall APF Firewall?

chkconfig apf off

/etc/init.d/apf stop

rm -rf /etc/apf

rm -f /etc/cron.daily/fw

rm -f /etc/init.d/apf

Verify, you should not see any rule.

iptables -L -n

您可以选择一种方式赞助本站

支付宝转账赞助

支付宝扫一扫赞助

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

图片 表情