Install Advanced Policy Firewall In Linux

Advanced Policy Firewall (APF) is an iptables (Netfilter) based firewall front end designed around the needs of typical Linux servers. Its configuration file is heavily commented and easy to follow. This tutorial explains how to install and configure APF, an interface to iptables that lets you set up a full-featured packet filter on a server connected to a network without writing iptables rules by hand.

1. Installing APF

First, download the APF archive, extract it and run the installer. The archive is fetched over plain HTTP, so verify it against the checksum published on rfxn.com before running the install script as root:
[root@www ~]# wget http://www.rfxn.com/downloads/apf-current.tar.gz
[root@www ~]# tar -zxvf apf-current.tar.gz
[root@www ~]# cd apf-9.7-2/
[root@www apf-9.7-2]# sh ./install.sh
Installing APF 9.7-2: Completed.

Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf

Other Details:
Listening TCP ports: 53,587,1225,2925,10024
Listening UDP ports: 53,123,216
Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.
[root@www apf-9.7-2]#
Then enable the APF init script at boot (this is a SysV init host, so chkconfig is used):
[root@www ~]# chkconfig --level 2345 apf on

2. Configuring APF

APF's main configuration file is /etc/apf/conf.apf. Open it in an editor and set at least the options below. The port lists shown are the ones used on this example server (the SSH daemon here listens on 2925, not 22); replace them with your own, and make sure the port your SSH daemon actually listens on is in IG_TCP_CPORTS before you start APF, or you will lock yourself out of the server.

-----------------------------------------------------------------------
# Monolithic kernel: leave at 0 unless iptables support is compiled into the kernel rather than loaded as modules
SET_MONOKERN="0"
# Untrusted network interface(s); all traffic on the defined interface is subject to all firewall rules
IFACE_IN="eth0"
IFACE_OUT="eth0"
# Common inbound (ingress) TCP ports; the SSH port must be listed here
IG_TCP_CPORTS="2925,1225,80,53,443"
# Common inbound (ingress) UDP ports
IG_UDP_CPORTS="53"
# Common inbound (ingress) ICMP types; see internals/icmp.types for the type definitions, 'all' is a wildcard for any type
IG_ICMP_TYPES="3,5,11,30"
# Common outbound (egress) TCP ports
EG_TCP_CPORTS="2925,1225,80,443,43,53"
# Common outbound (egress) UDP ports
EG_UDP_CPORTS="53"
# How to handle filtered TCP packets:
# RESET (send a tcp-reset; the TCP/IP default)
# DROP (silently drop the packet; the port appears closed or filtered)
# REJECT (reject the packet with an ICMP error)
TCP_STOP="DROP"
# How to handle filtered UDP packets
UDP_STOP="DROP"
# How to handle all other filtered packets
ALL_STOP="DROP"
# Block all private IPv4 address space (RFC 1918 and other ranges not routable on the Internet).
# If this machine sits behind NAT, or must talk to hosts on private ranges, set this to 0
BLK_PRVNET="1"
-----------------------------------------------------------------------
Save the file and exit (in nano: Ctrl+X, then Y to confirm). Note that a fresh install ships with DEVEL_MODE="1" in conf.apf, which makes a cron job flush the firewall every five minutes so that a mistake cannot lock you out permanently. Once you have confirmed that you can still log in with the rules active, set DEVEL_MODE="0" and restart APF; until you do, the rules keep being removed.

3. Start APF Service

[root@www ~]# /usr/local/sbin/apf -s

The apf command accepts the following options:

-s        start APF
-r        restart APF
-f        stop APF (flush all rules)
-l        list statistics
-st       show the status of APF
-a host   allow connections from "host" (added to allow_hosts.rules)
-d host   deny connections from "host" (added to deny_hosts.rules)
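Before running `apf -s` it is worth checking that the SSH port in /etc/ssh/sshd_config really is in IG_TCP_CPORTS, since with TCP_STOP="DROP" a missing port means a silent lockout. The script below is an added example, not part of APF: it parses the two files, compares them, and reports "ok" or "LOCKOUT". The sample config texts are constructed inline so the script runs offline; on a real host you would feed it the actual files as shown in the usage comment.

```shell
#!/bin/sh
# Added example, not part of APF: check a conf.apf against an sshd_config
# before running `apf -s`, so that the SSH port is not filtered out.

# Constructed sample files mirroring the values used in this tutorial
# (in real use, read /etc/apf/conf.apf and /etc/ssh/sshd_config).
SAMPLE_APF_CONF='SET_MONOKERN="0"
IFACE_IN="eth0"
IG_TCP_CPORTS="2925,1225,80,53,443"
IG_UDP_CPORTS="53"
TCP_STOP="DROP"
BLK_PRVNET="1"'

SAMPLE_SSHD_CONF='# sshd_config
Port 2925
PermitRootLogin no'

# apf_get_var VAR: print the unquoted value of VAR from conf.apf text on stdin.
apf_get_var() {
  sed -n "s/^$1=\"\\([^\"]*\\)\"[[:space:]]*\$/\\1/p" | head -n 1
}

# port_in_list LIST PORT: succeed if PORT is in the comma-separated LIST.
port_in_list() {
  case ",$1," in
    *",$2,"*) return 0 ;;
    *)        return 1 ;;
  esac
}

# check_ingress CONF_TEXT PROTO PORT: succeed if PORT is opened inbound
# for PROTO (tcp or udp), i.e. listed in IG_TCP_CPORTS / IG_UDP_CPORTS.
check_ingress() {
  _var="IG_$(printf '%s' "$2" | tr 'a-z' 'A-Z')_CPORTS"
  _list=$(printf '%s\n' "$1" | apf_get_var "$_var")
  port_in_list "$_list" "$3"
}

# sshd_port SSHD_CONF_TEXT: print the active Port directive, defaulting to 22.
# Commented-out "#Port" lines are ignored, as sshd itself ignores them.
sshd_port() {
  _p=$(printf '%s\n' "$1" | sed -n 's/^[[:space:]]*Port[[:space:]][[:space:]]*\([0-9][0-9]*\).*/\1/p' | head -n 1)
  printf '%s\n' "${_p:-22}"
}

# lockout_risk APF_CONF_TEXT SSHD_CONF_TEXT: print "ok" if the SSH port is
# allowed inbound, or "LOCKOUT" if starting APF with this config would cut off SSH.
lockout_risk() {
  if check_ingress "$1" tcp "$(sshd_port "$2")"; then
    printf 'ok\n'
  else
    printf 'LOCKOUT\n'
  fi
}

# Real-host usage:
#   lockout_risk "$(cat /etc/apf/conf.apf)" "$(cat /etc/ssh/sshd_config)"
echo "sample config: $(lockout_risk "$SAMPLE_APF_CONF" "$SAMPLE_SSHD_CONF")"
```

Run it on the real files immediately before `apf -s`, and again after editing IG_TCP_CPORTS; a sshd_config with no Port line is treated as port 22, which the tutorial's port list does not include.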

Related hardening tutorials:

Install Linux Malware Detect (LMD) with ClamAV
Tutorial Install mod_evasive In Centos
Tutorial Install Lynis in Linux
Tutorial How to Install RkHunter In Linux

Copyright Albenet Hosting Sunday 25-Jun-2017 All rights reserved.