Adding a firewall to a Linux system: Installation and setup of the Active Directory Filter

What is an ASF?

<G id = "1"> Advanced Policy Firewall </G> is a software Firewall developed by Rf-x Networks in Linux. This API uses the default iptables rule in Linux. It can be regarded as one of the most famous software firewalls in Linux.

Download the latest version of the apt:

Wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

Decompress:

Tar-xzvf apf-current.tar.gz

Go to the directory:

Cd apt-version

Install!

./Install. sh

After the installation is complete, configure the apt:

Nano/etc/APL/conf. Filters

Search (ctrl + w) USE_DS = "0" and change it to USE_DS = "1"; find USE_AD = "0" and change it to USE_AD = "1 ″.

Then configure the main part: port.

The following are recommended configurations for cPanel, Ensim, and Plesk.

CPanel

IG_TCP_CPORTS = "20, 21, 80,110,143,443,465,993,995,208 ″

IG_UDP_CPORTS = "873 ″

GF = "1 ″

EG_TCP_CPORTS = "80,110,113,443,465,873,208, 26 ″

EG_UDP_CPORTS = "20, 21, 37,53, 873 ″

Ensim

IG_TCP_CPORTS = "80,110,143,443,196, 22, 38 ″

IG_UDP_CPORTS = "53 ″

GF = "1 ″

EG_TCP_CPORTS = "80,110,443 ″

EG_UDP_CPORTS = "20, 21, 53 ″

Plesk

IG_TCP_CPORTS = "20, 21, 110,143,443,465,993,995,844 ″

IG_UDP_CPORTS = "873 ″

GF = "1 ″

EG_TCP_CPORTS = "20, 21, 113,443,465,873 ″

EG_UDP_CPORTS = "53,873 ″

The general ports are listed below for your convenience:

21/tcp ftp

22/tcp ssh

25/tcp smtp

26/tcp backup smtp Port

80/tcp http

110/tcp pop3

143/tcp imap

443/tcp https

993/tcp imaps

995/tcp pop3s

3306/tcp mysql

5432/tcp ipvs

53/udp dns

After the configuration is complete, save and exit, and start the apt Firewall:

/Usr/local/sbin/apt-s

Note that the firewall is running in debugging mode and the configuration is rewashed every five minutes. This prevents server paralysis due to incorrect configurations.

After the configuration is correct, go to the configuration file (nano/etc/NTFS/conf. APT) and change DEVM = "1" to DEVM = "0 ″. In this way, the system runs in normal mode.

Restart the <G id = "1"> sup </usr/local/sbin/sup-s> command ).

NOTE: If your Linux kernel directly compiles iptables instead of the module mode, change MONOKERN = "0" to MONOKERN = "1" in the configuration file ″.

Optional Configuration:

The new feature of the active/standby filter is to prevent DoS attacks (/etc/active ). The log files are stored in/var/log/apfados_log.

Next we will configure the apt to send an email to the Administrator after it encounters DoS.

Open the configuration file:

Nano-w/etc/APL/ad/conf. antidos

Find [E-Mail Alerts].

CONAME = "Your Company" is Your website or Company name.

Change USR_ALERT = "0" to USR_ALERT = "0" so that the system sends an email.

USR = "your@email.com" for your email address.

Save and exit, and restart the <G id = "1"> </usr/local/sbin/<G id = "2"> </G> system ).

In addition, if you need to enable the system to run automatically after each restart, execute the following command:

Chkconfig -- level 2345 filters on

To remove Automatic startup:

Chkconfig -- del APL

Finally, we hope everyone can successfully build an effective security barrier for their Linux systems.