vincenzobar
Hi, I just installed APF after a major server rebuild. Turns out I got a virus that affected PHP and phpBB and it destroyed my machine.
So I updated all of the above and added ClamAV and APF.
In APF I was wondering if anyone had anything to add or comment on for my conf file. It seems like I have a lot of ports open in Ingress and Egress and I want it to be as tight as possible. I lost 5 days because of this incident and don't want it to happen again.
Here are my Ingress:
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="21,22,25,53,80,110,443,2222,3306"
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"
# Common ICMP (inbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
IG_ICMP_TYPES="3,5,11,0,30,8"
Here are Egress:
# Egress filtering [0 = Disabled / 1 = Enabled]
EGF="0"
# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,80,443,43,2222"
# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53"
# Common ICMP egress (outbound) types
# 'internals/icmp.types' for type definition; 'all' is wildcard for any
EG_ICMP_TYPES="all"
Also, I set Dev to 0 but the log seems like it still flushes. Is this right?
# Set firewall dev cronjob
# 1 = enabled / 0 = disabled
DEVM="0"
Any help or tips will be much appreciated!
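A check of the settings quoted in the post, as an added example (not part of the original post and not APF's own tooling): it reads the conf values without executing the file, reports that the egress lists have no effect while `EGF="0"`, and lists inbound TCP ports that are not on an intended-services list. The function names and the intended list `22,25,53,80,443` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit an APF conf file against a list of intended services.
# Values are read with sed rather than sourcing the file, so nothing in it runs.

# conf_get FILE KEY -> prints the value of KEY="value" (last assignment wins)
conf_get() {
    sed -n "s/^[[:space:]]*$2=\"\\([^\"]*\\)\".*/\\1/p" "$1" | tail -n 1
}

# extra_ports OPEN WANTED -> prints ports in OPEN that are missing from WANTED
extra_ports() {
    out=""
    for p in $(printf '%s' "$1" | tr ',' ' '); do
        case ",$2," in
            *",$p,"*) ;;                      # port is on the intended list
            *) out="${out:+$out,}$p" ;;       # port is open but not intended
        esac
    done
    printf '%s' "$out"
}

# audit_apf FILE WANTED_TCP -> one finding per line
audit_apf() {
    egf=$(conf_get "$1" EGF)
    if [ "$egf" != "1" ]; then
        echo "EGF=$egf: egress filtering is off, EG_* lists are not enforced"
    fi
    extra=$(extra_ports "$(conf_get "$1" IG_TCP_CPORTS)" "$2")
    [ -n "$extra" ] && echo "IG_TCP_CPORTS: open but not in intended list: $extra"
    [ "$(conf_get "$1" EG_ICMP_TYPES)" = "all" ] &&
        echo "EG_ICMP_TYPES=all: wildcard, every outbound ICMP type allowed"
    return 0
}

# Constructed sample: the values quoted in the post above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
IG_TCP_CPORTS="21,22,25,53,80,110,443,2222,3306"
EGF="0"
EG_TCP_CPORTS="21,25,80,443,43,2222"
EG_ICMP_TYPES="all"
EOF
# Assumption: the admin intends only these TCP services to be public.
audit_apf "$sample" "22,25,53,80,443"
```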