10 APF (Advanced Policy Firewall) commands in Linux – Simple usage

Protecting a server with the basic Linux firewall is much harder than with a firewall application like CSF or APF. We have already discussed the installation and configuration of CSF on a Linux server. Here I am moving on to APF, another powerful firewall configuration tool for Linux. APF commands are quite different from CSF commands and comparatively fewer in number. After this you will have a clear idea of APF command usage.

APF (Advanced Policy Firewall) is a policy-based firewall for Unix/Linux systems. The installation and configuration of APF were already discussed in our previous post; see "How to install APF?" for the installation steps. Here I’m discussing some commonly used APF commands.

Useful commands of APF

1. Command to start apf

# apf -s

2. Command to restart apf

# apf -r

3. Command to stop/flush apf

# apf -f

4. Command to list all firewall rules.

# apf -l

5. Command to output firewall status log.

# apf -t

6. To refresh & resolve DNS names in trust rules.

# apf -e

7. To output all configuration options.

# apf -o
APF version 9.7 <[email protected]>
Copyright (C) 2002-2011, R-fx Networks <[email protected]>
Copyright (C) 2011, Ryan MacDonald <[email protected]>
This program may be freely redistributed under the terms of the GNU GPL

INSTALL_PATH "/etc/apf"
IFACE_IN "eth0"
IFACE_OUT "eth0"

8. To remove a host from [glob]*_hosts.rules and immediately remove the rule from the firewall.

# apf -u IP

9. White-list an IP address:

# apf -a IP
edit /etc/apf/allow_hosts.rules

Always restart apf after white-listing an IP in apf.

10. For blocking an IP in apf

# apf -d IP
edit /etc/apf/deny_hosts.rules

Don’t forget to restart apf after this.
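A guard around the deny step above, as an added example that is not part of the original post or of APF itself: it validates the address, refuses to deny a host that is already white-listed, skips duplicates, and then runs `apf -d` followed by `apf -r` as described. The function names and the `APF_DIR` / `APF_BIN` variables are assumptions made for this sketch; only plain one-IP-per-line entries in the rules files are checked.

```shell
#!/bin/sh
# Added example, not from the original post: a guard around "apf -d IP".
APF_DIR="${APF_DIR:-/etc/apf}"  # INSTALL_PATH reported by "apf -o"
APF_BIN="${APF_BIN:-apf}"       # assumption: overridable for dry runs

# Succeed only for a dotted-quad IPv4 address, octets 0-255, no leading zeros.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                   # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Succeed if IP ($1) is a whole-line entry in rules file ($2); comment lines
# are skipped. CIDR ranges and advanced rule syntax are not interpreted.
in_rules() {
    [ -r "$2" ] || return 1
    grep -v '^[[:space:]]*#' "$2" | grep -qxF -- "$1"
}

# Deny an IP as in step 10 (apf -d, then restart).
# Returns 0 blocked, 2 invalid address, 3 white-listed, 4 already denied.
safe_deny() {
    is_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    if in_rules "$1" "$APF_DIR/allow_hosts.rules"; then
        echo "$1 is in allow_hosts.rules; refusing to deny it" >&2
        return 3
    fi
    if in_rules "$1" "$APF_DIR/deny_hosts.rules"; then
        echo "$1 is already in deny_hosts.rules" >&2
        return 4
    fi
    $APF_BIN -d "$1" && $APF_BIN -r
}
```

Source the file and call `safe_deny IP` as root; setting `APF_BIN=echo` first prints the arguments of each apf call instead of changing the firewall.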
That’s it 🙂

