in your server command prompt
** You need to have iptables installed in your server **
wget http://www.r-fx.ca/downloads/apf-current.tar.gz
tar zxf apf-current.tar.gz
cd apf-x
./install.sh
edit /etc/apf/conf.apf
IFACE_IN="xxx"
IFACE_OUT="xxx" -- replace xxx with internet exposed interface
IFACE_TRUSTED="yyy" -- -- replace xxx with internal network where firewall not applicable ( if available ) .
change
# Common inbound (ingress) TCP ports
IG_TCP_CPORTS="22,80,4443" --- mention the ports that you want to keep open in external interface .
A lot of other directives are there to manipulate your config .
Only basic configs are mentioned here .
then start apf " apf -s" andf test your firewall
If all set just set DEVEL_MODE="0" in conf.apf then
stop apf " apf -f"
and start "apf -s"
** You need to have iptables installed in your server **
wget http://www.r-fx.ca/downloads/apf-current.tar.gz
tar zxf apf-current.tar.gz
cd apf-x
./install.sh
edit /etc/apf/conf.apf
IFACE_IN="xxx"
IFACE_OUT="xxx" -- replace xxx with internet exposed interface
IFACE_TRUSTED="yyy" -- -- replace xxx with internal network where firewall not applicable ( if available ) .
change
# Common inbound (ingress) TCP ports
IG_TCP_CPORTS="22,80,4443" --- mention the ports that you want to keep open in external interface .
A lot of other directives are there to manipulate your config .
Only basic configs are mentioned here .
then start apf " apf -s" andf test your firewall
If all set just set DEVEL_MODE="0" in conf.apf then
stop apf " apf -f"
and start "apf -s"
No comments:
Post a Comment