  #1  
Old 30th September 2005, 18:50
domino
How to install APF (Advanced Policy Firewall)

What is APF (Advanced Policy Firewall)?
APF is a policy-based iptables firewall system designed for ease of use and configuration. It employs a subset of features to satisfy the veteran Linux user and the novice alike. Packaged in tar.gz and RPM formats, APF is ideal for deployment in many server environments based on Linux. APF is developed and maintained by R-fx Networks: http://www.rfxnetworks.com/apf.php

How-To: http://www.webhostgear.com/61_print.html
  #2  
Old 22nd October 2005, 11:43
Ovidiu

Please allow a silly little question: why would I block outgoing traffic/ports? I do understand that I want to restrict incoming ports due to security issues, but outgoing? I mean, this is not a Windows home PC where I might have spyware or whatever installed. And how do I know what outgoing ports are used/needed?
  #3  
Old 27th October 2005, 03:40
domino

Sorry for the late reply. I got hung up on VMware Player the past week or so.

I can think of one of many good reasons why you would also deny outbound traffic. You can pretty much relate it to a Windows OS or apps that run in Windows. They also call home for one strange reason or another. So on your server, if you or someone on your account installed a script that routes outbound traffic on an abnormal port, you would know.
  #4  
Old 12th November 2005, 21:52
decibel

The first thing in a good firewall configuration is to drop everything (in, out, forward) and then open only the needed ports for in, out and forward.

For example, if you want to open HTTP requests to your server, you have to open port 80 for input and also port 80 for output.
  #5  
Old 7th March 2006, 20:22
Ovidiu

OK, I finally set up the APF firewall with the ad plugin. I realized I can use it for inbound traffic without bothering with the outbound module...

Nevertheless, maybe someone can help me a little bit with outgoing traffic rules. Basically all ports opened for incoming which send back data, like 21, 25, 80, 81, 443, need to be opened, but what about FTP? I thought that was flowing out through different ports?

Can someone explain this auto-resetting of rules after 5 minutes? What exactly happens after 5 minutes? If I make changes, I have 5 minutes to try them out, and afterwards they are reset? If I did not manage to try it out in 5 minutes, I just have to restart APF to get 5 more minutes?
  #6  
Old 8th March 2006, 03:57
tobiasly

Hello Tenaka, when you apply rules to outbound traffic, it looks at the ports you're trying to connect *to*, not the ports you're connecting *from*. So for example you may need to open outbound port 80 (HTTP) if you use wget to download files. You'll need to open all the FTP ports if you want to use an FTP client or wget to connect to FTP sites from your box.

The 5-minute test period is in case you are connected remotely, and you really screw up your firewall so that you can't even connect via SSH. Ordinarily you would be screwed in that scenario, but with the 5-minute "trial" period, if you find your SSH is blocked, just wait 5 minutes and try again.

After the 5 minutes, *ALL* rules are dropped and your machine is wide open again just like you had no firewall. So if this is on a machine you have physical access to, you don't need the test mode and you can turn it off, because you can still connect through the console.

Of course once everything is working correctly, you'll need to take it out of test mode!
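To make the default-deny layout from post #4 and the "outbound rules match the port you connect *to*" point from post #6 concrete, here is an added example (not APF's own code, and not from any poster). It emits, rather than applies, the iptables rules that an APF-style inbound/outbound port list boils down to, so it needs no root; the two port lists are assumed values in the spirit of APF's IG_TCP_CPORTS / EG_TCP_CPORTS settings, and APF's 5-minute DEVEL_MODE flush is not modelled.

```shell
#!/bin/sh
# Added example: print the iptables rule set behind a default-deny policy.
# Constructed port lists; adjust to the services the host actually runs.
IG_TCP_CPORTS="22,80,443"   # inbound: services this host offers
EG_TCP_CPORTS="53,80,443"   # outbound: destinations this host may open (e.g. wget to port 80)

# gen_rules IG EG  -> one iptables invocation per line
gen_rules() {
    ig="$1"; eg="$2"
    # 1. drop everything in all three chains first
    echo "iptables -P INPUT DROP"
    echo "iptables -P OUTPUT DROP"
    echo "iptables -P FORWARD DROP"
    # 2. loopback, plus replies to connections already accepted; this is why
    #    an HTTP reply leaving port 80 needs no separate outbound rule
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # 3. inbound: match the destination port of the arriving packet
    for p in $(echo "$ig" | tr ',' ' '); do
        echo "iptables -A INPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    # 4. outbound: also --dport, i.e. the remote port you connect *to*,
    #    not the local port the connection leaves from
    for p in $(echo "$eg" | tr ',' ' '); do
        echo "iptables -A OUTPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
}

# count_accepts IG EG CHAIN -> number of ACCEPT rules generated for CHAIN
count_accepts() { gen_rules "$1" "$2" | grep -c -- "-A $3 .*-j ACCEPT"; }

gen_rules "$IG_TCP_CPORTS" "$EG_TCP_CPORTS"
```

Pipe the output into sh only after reviewing it on a console session, since a mistake in the lists locks out remote logins exactly as post #6 describes.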