Firewalls

[thewebhosting]

We are having APF firewall installed on our Linuxservers. Are there any other better firewalls to run on RHEL? what about configserver?

[shital]

Hello,

You can BFD firewall on server.

BFD installation
============

wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

tar -xvzf bfd-current.tar.gz

cd bfd-0.9/

./install.sh

Configuration Steps
==============

vi /usr/local/bfd/conf.bfd

Find : ALERT_USR="0" CHANGE TO: ALERT_USR="1"

Find : EMAIL_USR="root" CHANGE TO: EMAIL_USR="your@yourdomain.com"

Prevent locking yourself out
=====================

vi pico -w /usr/local/bfd/ignore.hosts

add your own trusted IP's Eg : 192.168.8.1

BFD uses APF' cli insert feature and as such will override any allow_hosts.rules entries users have in-place. So be sure to add your trusted ip addresses to the ignore file to prevent locking yourself out.

To run the program
===============

/usr/local/sbin/bfd -s


Also you can install CSF (Config Server Firewall)

=========================================
Below is a description how to install CSF (Config Server Firewall)

I. Installation
Installation is quite straightforward:

rm -fv csf.tgz
wget www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That's it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it's non-standard on
installation.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

II. Uninstallation
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

Regards,
Shital

[Infopro]

We are having APF firewall installed on our Linuxservers. Are there any other better firewalls to run on RHEL? what about configserver?

What happened to this thread that you started another one of the same topic?

[thewebhosting]

What happened to this thread that you started another one of the same topic?

Please close this topic as we have already installed csf on our server as per your advise.