BFD without APF?

**DavidR** · 12-26-2004 05:17 PM

I'm using a Virtuozzo VPS which appears to be unable to run APF. Does anyone know if BFD will work without APF? I know that on my old system with both installed, BFD used APF to ban the IP's from attacks. My host installed a firewall script but even if I find out how to ad IP's to it, does anyone have experience altering that behavior with BFD? I would greatly appreciate any feedback. I've posted on rfxnetworks.com but it's pretty quite over there.

Failing anything else, are there any decent replacements available for BFD? Thanks!

David

**dezignguy** · 12-27-2004 07:59 AM

BFD would be useless without APF to actually block the 'bad' ips. It is just a shell script though, so if you know or can learn the scripting language, it shouldn't be too difficult to modify how it adds the ip to the apf firewall, so you should be able to get it to work with your firewall, if your firewall supports adding ips to block in the same way that APF/iptables works.

**chirpy** · 12-27-2004 09:36 AM

Actually, it's very simple to configure BFD without APF (I do it for people with vps's all the time). You just need to modify /usr/local/bfd/conf.bfd and set BCMD to something that your server can deal with:

1. Stick the IP address in /etc/hosts.deny using the example command:

BCMD="echo ALL:$ATT_HOST >> /etc/hosts.deny"

2. Stick it directly into iptables (but will be lost on reboot):

BCMD="iptables -I INPUT -p tcp -s $ATT_HOST -j DROP"

**dezignguy** · 12-27-2004 02:40 PM

Neat... that seems pretty handy... I hadn't taken a close look at BFD in a while and forgot that it had the block command in the config file so it wasn't necessary to modify the script itself.

**DavidR** · 12-27-2004 07:07 PM

I should be able to handle that. Since I assume the BFD/APF combination blocks them permanently, I will use solution #1 to do the same. Thanks!

David

**casey** · 12-27-2004 07:40 PM

Does anybody know of a good firewall to use with VPS servers? Or DavidR, would your host object to you sharing the script they used?

**DavidR** · 12-30-2004 11:16 PM

If you are using a UML (User Mode Linux) based VPS, you can install APF and set the "MONOKERN=1" in it's config. If using Virtuozzo, APF doesn't work. I will ask my host if there is any problem posting theirs for Virtuozzo VPS.

David

**casey** · 12-31-2004 12:19 AM

The two I have are virtuozzo.

LinkBack

Thread Tools

BFD without APF?

APF and BFD Install

APF and BFD issues...

APF+BFD+2.6.10 Kernel

APF & BFD

BFD and APF