Add a firewall for Linux: Install and set the TDS-Linux Enterprise Application-Linux server application. For more information, see the following. What is an ASF?
<G id = "1"> Advanced Policy Firewall </G> is a software Firewall developed by Rf-x Networks in Linux. This API uses the default iptables rule in Linux. It can be regarded as one of the most famous software firewalls in Linux.
The general ports are listed below for your convenience:
21/tcp ftp
22/tcp ssh
25/tcp smtp
26/tcp backup smtp Port
80/tcp http
110/tcp pop3
143/tcp imap
443/tcp https
993/tcp imaps
995/tcp pop3s
3306/tcp mysql
5432/tcp ipvs
53/udp dns
After the configuration is complete, save and exit, and start the apt Firewall:
/Usr/local/sbin/apt-s
Note that the firewall is running in debugging mode and the configuration is rewashed every five minutes. This prevents server paralysis due to incorrect configurations.
After the configuration is correct, go to the configuration file (nano/etc/NTFS/conf. APT) and change DEVM = "1" to DEVM = "0 ″. In this way, the system runs in normal mode.
Restart the <G id = "1"> sup </usr/local/sbin/sup-s> command ).
NOTE: If your Linux kernel directly compiles iptables instead of the module mode, change MONOKERN = "0" to MONOKERN = "1" in the configuration file ″.
Optional Configuration:
The new feature of the active/standby filter is to prevent DoS attacks (/etc/active ). The log files are stored in/var/log/apfados_log.
Next we will configure the apt to send an email to the Administrator after it encounters DoS.
Open the configuration file:
Nano-w/etc/APL/ad/conf. antidos
Find [E-Mail Alerts].
CONAME = "Your Company" is Your website or Company name.
Change USR_ALERT = "0" to USR_ALERT = "0" so that the system sends an email.
USR = "your@email.com" for your email address.
Save and exit, and restart the <G id = "1"> </usr/local/sbin/<G id = "2"> </G> system ).
In addition, if you need to enable the system to run automatically after each restart, execute the following command:
Chkconfig -- level 2345 filters on
To remove Automatic startup:
Chkconfig -- del APL
Finally, I would like to thank Rf-x Networks for bringing you an excellent software firewall. We also hope that everyone can smoothly build an effective security barrier for their Linux systems.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.