• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

[HOWTO] APF Firewall Install

Recommended Posts

Bushrat    0

Just thought I'd update the howto's for APF.

Type ifconfig

Find out if it?s using eth0 or eth1.

Usually its eth0 but if its not, change it in conf.apf or you?ll be completely blocking the server from access

wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

tar -xvzf apf-current.tar.gz

cd apf*

./install.sh

pico -w /etc/apf/conf.apf

RESV_DNS="1"

All SYSCTL options should be set to 1 EXCEPT for

SYSCTL_OVERFLOW="0"

SYSCTL_SYNCOOKIES="0"

USE_DS="1"

USE_AD="1"

FOR PLESK:

IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995,8443"

IG_UDP_CPORTS="37,53,873"

EGF="1"

EG_TCP_CPORTS="20,21,22,25,53,37,43,80,113,443,465,873"

EG_UDP_CPORTS="53,873"

For CPANEL:

IG_TCP_CPORTS=" 20,21,22,25,53,80,110,143,443,993,995,2082,2083,20

86,2087,2095,2096"

IG_UDP_CPORTS="37,53,873"

EGF="1"

EG_TCP_CPORTS="20,21,22,25,37,53,43,80,113,443,465,873,2087,2089"

EG_UDP_CPORTS="53,873"

apf ?s to start firewall.

If you are not kicked out of SSH and you can type commands after it loads, that means it?s installed correctly.

pico -w /etc/apf/ad/conf.antidos

LP_KLOG="1"

USR_ALERT="1"

USER = ?root?

ARIN_ALERT="1"

pico -w /etc/apf/conf.apf

change DEVM to 0

apf -r

If you have any problems, Pm me.

Share this post


Link to post
Share on other sites
dotRoot    1

DirectAdmin:

IG_TCP_CPORTS="2222"

Webmin:

IG_TCP_CPORTS="10000"

GameSpy:

IG_TCP_CPORTS="23000"

Also for everyone who run gameservers you need to find out what ports are used for the games and open those UDP ports and also if it uses gamespy to list itself you need UDP port: 23000 open as well.

And one more thing, if you need to open a set of ports such as say: 2400-2900 you can just put: 2400_2900 in the APF config. The _ (underscore) is like a - (dash).

Share this post


Link to post
Share on other sites
markjensen    101

Thanks for the guides!

The new '*nix server' area that was created is a little sparse, as most of our previous guides were workstation/desktop focused.

Share this post


Link to post
Share on other sites
Bushrat    0
Thanks for the guides!

The new '*nix server' area that was created is a little sparse, as most of our previous guides were workstation/desktop focused.

585302916[/snapback]

No problem

i will be posting more soon :)

Share this post


Link to post
Share on other sites
Vinh    0

Any one tested this on ubuntu yet?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.