APF installation steps for Linux server – Command-line way

APF is the abbreviation of Advanced Policy Firewall. It is a policy based firewall system designed to configure firewall (IPTables rules) simply and user friendly. Configuring iptables is slightly hard without the help of an application like APF or CSF. We have already discussed a lot of topics regarding the firewall system CSF. Here I am explaining the steps to install APF in a Linux based server/system. RPM and tar.gz format installation packages are available.

How to install and configure APF(Advanced Policy Firewall) in Linux based server?

You can simply install the APF by following these steps.

Step I : Login to your server as root.
Step II : Do follow

cd /usr/local/src/
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -zxvf apf-current.tar.gz; cd apf-*

Step III : Execute the installation script.

sh ./install.sh

The application APF will be installed automatically after this 🙂
CSF is an alternative option, here is the installation steps >> Install and configure CSF <<

You will get the following error when you try to restart/start apf every time.

apf(660): {glob} !!DEVELOPMENT MODE ENABLED!! - firewall will flush every 5 minutes.

This is bacause of the development mode enabled in APF configuration file. You can disable it by editing the configuration file.
Details from APF configuration file regarding development mode:

# !!! Do not leave set to (1) !!!
# When set to enabled; 5 minute cronjob is set to stop the firewall. Set
# this off (0) when firewall is determined to be operating as desired.
DEVEL_MODE="1"

Edit the configuration file and set DEVEL_MODE=”0″, then restart APF using the command “apf -r“.

You must have an idea about APF commands to work with apf painlessly. Don’t worry, here is the link for apf commands >> APF command usages <<

That’s it 🙂

Related Links:
Install and configure CSF
CSF commands for Unix/Linux servers

Post navigation

Arunlal Ashok

Linux Systems Architect at Endurance International Group. I know her (Linux) since many years. Linux lover. Like to play on Linux console. I started this blog to share and discuss Linux thoughts.

Always happy for an open discussion! Write to arun (@) crybit (dot) com. Check about me for more details. About this blog and our strong members, check The team CryBit.com

Leave a Reply

Your email address will not be published. Required fields are marked *