Install iptables (Hopefully, you’ve done this already)

# yum install iptables* -y

Download, unpack, and install APF from source:

 

# cd /usr/local/src

# wget http://www.rfxn.com/downloads/apf-current.tar.gz

# tar -zxf apf-current.tar.gz

# cd apf-9*

# ./install.sh

 

Cleanup source install files:

# rm -Rf /usr/local/src/apf-9* && cd

 

Backup original APF config:

# cp /etc/apf/conf.apf /etc/apf/conf.apf.bak

 

Edit APF Configuration file:

# nano -w /etc/apf/conf.apf

 

Change the following settings:

RAB="0" to RAB="1"

RAB_PSCAN_LEVEL="2" to RAB_PSCAN_LEVEL="3"

TCR_PASS="1" to TCR_PASS="0"

DLIST_PHP="0" to DLIST_PHP="1"

DLIST_SPAMHAUS="0" to DLIST_SPAMHAUS="1"

DLIST_DSHIELD="0" to DLIST_DSHIELD="1"

DLIST_RESERVED="0" to DLIST_RESERVED="1"

IG_TCP_CPORTS="21,22,25,53,80,443,3306"

IG_UDP_CPORTS=""

EGF="1"

EG_TCP_CPORTS="22,3306,80,443"

EG_UDP_CPORTS=""

DEVEL_MODE="0"

 

Step 20: Reload APF:

# /usr/local/sbin/apf -r

Step 21: Make sure APF starts automatically after reboot:

# chkconfig --add apf

# chkconfig --level 345 apf on
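
To confirm that the edited values were saved as intended, the following added example (not part of APF or of the original guide) compares the effective settings in a config file with the values listed above. It assumes conf.apf is read as shell variable assignments, so the last assignment of a variable wins; the function names and the constructed sample config are hypothetical.

```shell
# Expected KEY=VALUE pairs, copied from the settings list in this guide.
EXPECTED='RAB=1 RAB_PSCAN_LEVEL=3 TCR_PASS=0 DLIST_PHP=1 DLIST_SPAMHAUS=1
DLIST_DSHIELD=1 DLIST_RESERVED=1 IG_TCP_CPORTS=21,22,25,53,80,443,3306
IG_UDP_CPORTS= EGF=1 EG_TCP_CPORTS=22,3306,80,443 EG_UDP_CPORTS= DEVEL_MODE=0'

# Print the effective value of KEY ($1) in FILE ($2): the last uncommented
# assignment (assumption: the file is read as shell). Only ASCII double
# quotes are stripped, so typographic quotes pasted from a web page show up
# as a mismatch. Exit status is 1 if KEY is never assigned.
apf_value() {
    awk -v key="$1" '
        $0 ~ ("^[ \t]*" key "=") {
            val = $0
            sub(/^[^=]*=/, "", val)       # drop the KEY= prefix
            sub(/[ \t]+#.*$/, "", val)    # drop a trailing comment
            sub(/[ \t]+$/, "", val)       # drop trailing whitespace
            if (val ~ /^".*"$/) val = substr(val, 2, length(val) - 2)
            found = 1
        }
        END { if (!found) exit 1; print val }' "$2"
}

# Report every expected setting that is missing or different in FILE ($1).
# Returns the number of problems (0 means the file matches the guide).
check_apf_conf() {
    bad=0
    for pair in $EXPECTED; do
        key=${pair%%=*}
        want=${pair#*=}
        if ! got=$(apf_value "$key" "$1"); then
            echo "MISSING  $key (expected \"$want\")"
            bad=$((bad + 1))
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $key: found \"$got\", expected \"$want\""
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Constructed sample (not a real conf.apf): all expected values, followed by
# a later DEVEL_MODE override and a value typed with typographic quotes.
demo_constructed_conf() {
    f=$(mktemp)
    for pair in $EXPECTED; do echo "${pair%%=*}=\"${pair#*=}\""; done > "$f"
    printf '%s\n' 'DEVEL_MODE="1"' 'RAB_PSCAN_LEVEL=”3″' >> "$f"
    n=0; check_apf_conf "$f" || n=$?
    rm -f "$f"; return "$n"
}
```

Run `check_apf_conf /etc/apf/conf.apf` before reloading; an exit status of 0 means every listed setting matches.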
