Install iptables (hopefully, you’ve done this already):
# yum install iptables* -y
Download, unpack, and install APF from source:
# cd /usr/local/src
# wget http://www.rfxn.com/downloads/apf-current.tar.gz
# tar -zxf apf-current.tar.gz
# cd apf-9*
# ./install.sh
Cleanup source install files:
# rm -Rf /usr/local/src/apf-9* && cd
Backup original APF config:
# cp /etc/apf/conf.apf /etc/apf/conf.apf.bak
Edit APF Configuration file:
# nano -w /etc/apf/conf.apf
Change the following settings:
RAB="0" to RAB="1"
RAB_PSCAN_LEVEL="2" to RAB_PSCAN_LEVEL="3"
TCR_PASS="1" to TCR_PASS="0"
DLIST_PHP="0" to DLIST_PHP="1"
DLIST_SPAMHAUS="0" to DLIST_SPAMHAUS="1"
DLIST_DSHIELD="0" to DLIST_DSHIELD="1"
DLIST_RESERVED="0" to DLIST_RESERVED="1"
IG_TCP_CPORTS="21,22,25,53,80,443,3306"
IG_UDP_CPORTS=""
EGF="1"
EG_TCP_CPORTS="22,3306,80,443"
EG_UDP_CPORTS=""
DEVEL_MODE="0"
Step 20: Reload APF:
# /usr/local/sbin/apf -r
Step 21: Make sure APF starts automatically after reboot:
# chkconfig --add apf
# chkconfig --level 345 apf on
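Values pasted from a web page often arrive with typographic quotes, which the shell does not treat as quoting, so it helps to check the edited file against the settings listed above before reloading. The script below is an added example, not part of APF or of the original guide; the function names apf_audit and sample_conf and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an APF-style config against the values this guide sets.
# Function names and the sample file are constructed for illustration.

# KEY=VALUE pairs taken from the settings list in this guide.
EXPECTED='RAB=1
RAB_PSCAN_LEVEL=3
TCR_PASS=0
DLIST_PHP=1
DLIST_SPAMHAUS=1
DLIST_DSHIELD=1
DLIST_RESERVED=1
IG_TCP_CPORTS=21,22,25,53,80,443,3306
IG_UDP_CPORTS=
EGF=1
EG_TCP_CPORTS=22,3306,80,443
EG_UDP_CPORTS=
DEVEL_MODE=0'

# apf_audit FILE: print one line per problem; exit status = number of problems.
# The body runs in a subshell so LC_ALL and the work variables stay local.
apf_audit() (
    LC_ALL=C; export LC_ALL; bad=0
    while IFS='=' read -r key want; do
        if ! grep -Eq "^[[:space:]]*${key}=" "$1"; then
            echo "MISSING  $key"; bad=$((bad + 1)); continue
        fi
        # Last assignment wins, as it would when the file is sourced.
        raw=$(sed -n "s/^[[:space:]]*${key}=//p" "$1" | tail -n 1 | sed 's/[[:space:]]*$//')
        case $raw in
            '"'*'"') got=${raw#\"}; got=${got%\"} ;;
            *[!A-Za-z0-9,_.:/-]*)   # e.g. typographic quotes pasted from a web page
                echo "BADQUOTE $key"; bad=$((bad + 1)); continue ;;
            *) got=$raw ;;
        esac
        [ "$got" = "$want" ] || { echo "MISMATCH $key have=$got want=$want"; bad=$((bad + 1)); }
    done <<EOF
$EXPECTED
EOF
    exit "$bad"
)

# Constructed sample: correct except for one pasted curly-quoted value and DEVEL_MODE left on.
sample_conf() {
    printf '%s\n' "$EXPECTED" | sed 's/=\(.*\)$/="\1"/' |
        sed -e 's/^RAB_PSCAN_LEVEL=.*/RAB_PSCAN_LEVEL=”3″/' -e 's/^DEVEL_MODE=.*/DEVEL_MODE="1"/'
}
```

Source the script and run apf_audit /etc/apf/conf.apf before the reload step; the exit status is the number of settings that still differ from the list above.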