Firewalls: Difference between revisions

From Cheatsheet
Latest revision as of 23:51, 23 October 2014

Firewalls

APF

Basic usage options
usage /usr/local/sbin/apf [OPTION]
Most of the time you can just use the following:
apf [OPTION]
-s|--start ......................... load firewall policies
-r|--restart ....................... flush & load firewall
-f|--flush|--stop .................. flush firewall
-l|--list .......................... list chain rules
-st|--status ....................... firewall status
-a HOST CMT|--allow HOST COMMENT ... add host (IP/FQDN) to allow_hosts.rules and immediately load new rule into firewall
-d HOST CMT|--deny HOST COMMENT .... add host (IP/FQDN) to deny_hosts.rules and immediately load new rule into firewall
To remove an IP from the firewall

You have to manually edit the file below and then restart apf.

vi /etc/apf/deny_hosts.rules
/etc/init.d/apf restart
To whitelist an IP in the firewall

Do the following.

apf -a (ip here)
/etc/init.d/apf restart

Or the manual way:

vi /etc/apf/allow_hosts.rules
/etc/init.d/apf restart
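As an added example (not part of this cheatsheet or of APF itself), the POSIX shell functions below do the hand edit of deny_hosts.rules described above in a repeatable way, and also report any host that sits in both allow_hosts.rules and deny_hosts.rules; file paths are passed in explicitly so you can try them on copies before touching /etc/apf, and the final restart is the same /etc/init.d/apf restart used above.

```shell
#!/bin/sh
# Added example, not from the cheatsheet or from APF: script the manual
# deny_hosts.rules edit and check allow/deny lists for overlapping hosts.
# Paths are explicit arguments; the live files are under /etc/apf/.

# is_ipv4 ADDR: succeed if ADDR is a dotted quad, optionally with /prefix.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# apf_remove_deny FILE IP: drop every rule line whose host is IP from FILE,
# keeping comments, blank lines and other hosts, and saving FILE.bak first.
# Returns 1 for a malformed IP and 2 if IP is not listed (file untouched).
apf_remove_deny() {
    file=$1; ip=$2
    is_ipv4 "$ip" || return 1
    awk -v ip="$ip" '$1 == ip { found = 1 } END { exit !found }' "$file" || return 2
    cp "$file" "$file.bak"
    awk -v ip="$ip" '$1 != ip' "$file.bak" > "$file"
}

# apf_conflicts ALLOW_FILE DENY_FILE: print each host present in both lists.
# A host in allow_hosts.rules and deny_hosts.rules at once means the policy
# actually applied depends on which rule APF loads first; clean up the lists.
apf_conflicts() {
    awk '/^[ \t]*(#|$)/ { next }
         FILENAME == ARGV[1] { allow[$1] = 1; next }
         ($1 in allow) && !seen[$1]++ { print $1 }' "$1" "$2"
}

# Stand-alone use: sh apf_unban.sh 203.0.113.5
# Edits the live deny list and restarts APF, as the cheatsheet does by hand.
if [ "$#" -eq 1 ]; then
    deny=${APF_DENY:-/etc/apf/deny_hosts.rules}
    apf_remove_deny "$deny" "$1" && /etc/init.d/apf restart
fi
```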


If APF fails to start with the error

Starting APF:Unable to load iptables module (ipt_state), aborting.

edit the APF configuration:

vi /etc/apf/conf.apf

Find the line that says SET_MONOKERN and change it to 1 (APF then treats netfilter as built into a monolithic kernel instead of trying to load the modules), then restart:

/etc/init.d/apf restart


CSF

Iptables

BFD

Number of attempts:
vi /usr/local/bfd/conf.bfd