How to Install or Uninstall APF (Advanced Policy Firewall) on CentOS / Ubuntu / BackTrack or any Linux distro

APF (Advanced Policy Firewall) provides an easy way to configure iptables rules. This is a short guide to installing, configuring and uninstalling APF on your Linux server.

wget http://www.rfxn.com/downloads/apf-current.tar.gz
tar -zxvf apf-current.tar.gz
cd apf-9.7-2
./install.sh

APF installation is completed.

How to allow specific incoming ports in APF, e.g. 80, 21?
vim /etc/apf/conf.apf

Replace

IG_TCP_CPORTS="22"

with

IG_TCP_CPORTS="22,21,80"

One more thing: when you start APF for the first time, it runs in DEVEL mode. You have to disable that, otherwise it flushes all rules every 5 minutes.

To disable devel mode, set it to "0":

DEVEL_MODE="0"

To block a certain IP, e.g. 123.456.7.89, add it to /etc/apf/deny_hosts.rules.

To allow a certain IP to reach a specific port, e.g. to allow 123.45.6.78 to access port 8088, add the following rule to /etc/apf/allow_hosts.rules:

d=8088:s=123.45.6.78

Whatever changes you make to those files, you need to restart the APF service for them to take effect:
service apf restart
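
The configuration steps above, scripted as an added example (not part of the original post or of APF itself): it applies the same edits non-interactively to a scratch copy of the config and validates the allow rule before writing it. The helper names and the scratch directory are assumptions made for illustration.

```shell
# Added example, not from the original page. Works on a scratch directory;
# on a real host set APF_DIR=/etc/apf and drop the seed_sample call.
APF_DIR=$(mktemp -d)

# Constructed sample files holding only the two settings the page edits.
seed_sample() {
  printf '%s\n' 'DEVEL_MODE="1"' 'IG_TCP_CPORTS="22"' > "$APF_DIR/conf.apf"
  : > "$APF_DIR/allow_hosts.rules"
}

# set_conf KEY VALUE: rewrite KEY="..." in conf.apf; fail if KEY is absent.
set_conf() {
  grep -q "^$1=" "$APF_DIR/conf.apf" || { echo "missing key: $1" >&2; return 1; }
  sed "s|^$1=.*|$1=\"$2\"|" "$APF_DIR/conf.apf" > "$APF_DIR/conf.apf.new" &&
    mv "$APF_DIR/conf.apf.new" "$APF_DIR/conf.apf"
}

# get_conf KEY: print the current value without its quotes.
get_conf() { sed -n "s|^$1=\"\(.*\)\"|\1|p" "$APF_DIR/conf.apf"; }
# devel_off: true only when DEVEL_MODE is 0 (rules are not flushed every 5 minutes).
devel_off() { [ "$(get_conf DEVEL_MODE)" = "0" ]; }

# valid_port: decimal number in the range 1-65535.
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_ipv4: four dot-separated octets, each 0-255 (runs in a subshell).
valid_ipv4() (
  case "$1" in *[!0-9.]*|*..*|.*|*.) exit 1;; esac
  IFS=.; n=0
  for o in $1; do
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || exit 1
    n=$((n + 1))
  done
  [ "$n" -eq 4 ]
)

# allow_host_port IP PORT: append d=PORT:s=IP once, after validating both.
allow_host_port() {
  valid_ipv4 "$1" && valid_port "$2" || { echo "bad rule: $1 $2" >&2; return 1; }
  grep -qxF "d=$2:s=$1" "$APF_DIR/allow_hosts.rules" ||
    echo "d=$2:s=$1" >> "$APF_DIR/allow_hosts.rules"
}

seed_sample && set_conf IG_TCP_CPORTS "22,21,80" && set_conf DEVEL_MODE "0"
allow_host_port 123.45.6.78 8088
devel_off && echo "safe to run: service apf restart"
```

Running allow_host_port twice with the same arguments leaves a single rule line, so the script can be re-run safely.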

How to uninstall the APF firewall?

chkconfig apf off
/etc/init.d/apf stop
rm -rf /etc/apf
rm -f /etc/cron.daily/fw
rm -f /etc/init.d/apf

To verify, list the iptables rules; you should not see any rule.

iptables -L -n