View Single Post
  #1  
Old 18th November 2011, 18:35
robsbots robsbots is offline
Junior Member
 
Join Date: Nov 2011
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy APF Advanced Policy Firewall under vps probs

Hi all.

I'm hoping to pick somebody's brain. I am trying to install APF on a ubuntu karmic vps. I do not have access to the real server, just the vps.

I have :-
Code:
IFACE_IN="venet0"
IFACE_OUT="venet0"
set in the config file which I belive is correct BUT when I start the server it says
Code:
apf(31804): {glob} flushing & zeroing chain policies
apf(31804): {glob} firewall offline
apf(31839): {glob} activating firewall
apf(31879): {glob} determined (IFACE_IN) venet0 has address 127.0.0.1
apf(31879): {glob} determined (IFACE_OUT) venet0 has address 127.0.0.1
apf(31879): {glob} loading preroute.rules
.........
venet0 has address 127.0.0.1 ???

Should this not be my static public ip address for the server ?
APF continues to load and all looks good except I can now no longer access the website. I seem to be able to ssh to the server ok.
# ip addr gives
Code:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
3: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/void
    inet 127.0.0.1/32 scope host venet0
    inet my.stat.ic.ip/32 scope global venet0:0
I have also tried IFACE_IN="venet0:0" which reports
could not verify that interface venet0:0 is routed to a network, aborting.

Is it my IFACE settings or should I be looking at my rules ?

I still have the "DEVEL_MODE="1" safety net out and the web page pops up after the time out.

Any help would be much appreciated.

Thanks

Rob

Last edited by robsbots; 19th November 2011 at 14:32.
Reply With Quote
Sponsored Links