m4ri00sh
Verified User
- Joined
- May 20, 2007
- Messages
- 206
OK, I had some problems with installing APF so I researched:
I found the informations at:
http://www.techyblog.com/content/view/49/27/
and here
http://www.scriptinstallation.in/apf_ipt_state.html
OK here you go (in case the websites crashed):
---------------
.. cd /opt
1. wget http://www.r-fx.ca/downloads/apf-current.tar.gz
2. wget http://www.mnxsolutions.com/scripts/apf.debian.init
3. tar -xzvf apf-current.tar.gz
4. cd apf-0.9.6-1/
5. ./install.sh
You will recieve back messages like below.. Notice the cp error.
Installing APF 0.9.6-1: cp: cannot create regular file `/etc/rc.d/init.d/apf': No such file or directory
Completed.
Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf
AntiDos install path: /etc/apf/ad/
AntiDos config path: /etc/apf/ad/conf.antidos
DShield Client Parser: /etc/apf/extras/dshield/
Other Details:
Listening TCP ports: 21,25,53,465,587
Listening UDP ports: 53,1812,1813,48921
Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.
6. mv /opt/apf.debian.init /etc/init.d/apf
7. chmod +x /etc/init.d/apf
8. update-rc.d apf defaults
9. Edit /etc/apf/conf.apf to appropriate settings you may include Listening TCP/UDP from above if approp.
10. /etc/init.d/apf start
11. Validate, change /etc/apf/conf.apf DEVEL_MODE="0"
12. restart apf; /etc/init.d/apf restart
---------------------
but I got another error .....
Unable to load iptables module (ipt_multiport 1) so ..... I see you might have problem as well with ipt_state..... you need to...
---------------------
I have recently upgraded kernel of my linux server to 2.6.17.6. After this, APF Firewall stoped working. It give error message on starting firewall.
[root@server10 apf]# apf -s
Unable to load iptables module (ipt_state), aborting.
[root@server10 apf]#
The problem is due to module ipt_state is no longer exists, the name is changed to xt_state.
On my server, the module is available at "/lib/modules/2.6.17.6/kernel/net/netfilter"
The error can be fixed by editing /etc/apf/internals/functions.apf
# vi /etc/apf/internals/functions.apf
FIND
ml ipt_state 1
ml ipt_multiport 1
REPLACE WITH
ml xt_state
ml xt_multiport
----------------------
OK, Restarted apf and it seems to work, no errors, etc....
If someone sees a problem in that solution please respond....
I forgot about this: (found in different thread of this forum) oops
----
Scroll down to the "Common ingress (inbound) TCP ports section. At this point you need to find the correct configuration for your control panel.
-----DIrect Admin-----
IG_TCP_CPORTS="21,22,25,53,80,110,111,143,443,587,953,2222,3306,32769"
IG_UDP_CPORTS="53,111,631,724,5353,32768,32809"
---
I found the informations at:
http://www.techyblog.com/content/view/49/27/
and here
http://www.scriptinstallation.in/apf_ipt_state.html
OK here you go (in case the websites crashed):
---------------
.. cd /opt
1. wget http://www.r-fx.ca/downloads/apf-current.tar.gz
2. wget http://www.mnxsolutions.com/scripts/apf.debian.init
3. tar -xzvf apf-current.tar.gz
4. cd apf-0.9.6-1/
5. ./install.sh
You will recieve back messages like below.. Notice the cp error.
Installing APF 0.9.6-1: cp: cannot create regular file `/etc/rc.d/init.d/apf': No such file or directory
Completed.
Installation Details:
Install path: /etc/apf/
Config path: /etc/apf/conf.apf
Executable path: /usr/local/sbin/apf
AntiDos install path: /etc/apf/ad/
AntiDos config path: /etc/apf/ad/conf.antidos
DShield Client Parser: /etc/apf/extras/dshield/
Other Details:
Listening TCP ports: 21,25,53,465,587
Listening UDP ports: 53,1812,1813,48921
Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.
6. mv /opt/apf.debian.init /etc/init.d/apf
7. chmod +x /etc/init.d/apf
8. update-rc.d apf defaults
9. Edit /etc/apf/conf.apf to appropriate settings you may include Listening TCP/UDP from above if approp.
10. /etc/init.d/apf start
11. Validate, change /etc/apf/conf.apf DEVEL_MODE="0"
12. restart apf; /etc/init.d/apf restart
---------------------
but I got another error .....
Unable to load iptables module (ipt_multiport 1) so ..... I see you might have problem as well with ipt_state..... you need to...
---------------------
I have recently upgraded kernel of my linux server to 2.6.17.6. After this, APF Firewall stoped working. It give error message on starting firewall.
[root@server10 apf]# apf -s
Unable to load iptables module (ipt_state), aborting.
[root@server10 apf]#
The problem is due to module ipt_state is no longer exists, the name is changed to xt_state.
On my server, the module is available at "/lib/modules/2.6.17.6/kernel/net/netfilter"
The error can be fixed by editing /etc/apf/internals/functions.apf
# vi /etc/apf/internals/functions.apf
FIND
ml ipt_state 1
ml ipt_multiport 1
REPLACE WITH
ml xt_state
ml xt_multiport
----------------------
OK, Restarted apf and it seems to work, no errors, etc....
If someone sees a problem in that solution please respond....
I forgot about this: (found in different thread of this forum) oops
----
Scroll down to the "Common ingress (inbound) TCP ports section. At this point you need to find the correct configuration for your control panel.
-----DIrect Admin-----
IG_TCP_CPORTS="21,22,25,53,80,110,111,143,443,587,953,2222,3306,32769"
IG_UDP_CPORTS="53,111,631,724,5353,32768,32809"
---
Last edited:
)