APF Does Not Work

[satishlive]

Hello Guys,

When i try to start APF it says Unable to load iptables module (ip_tables), aborting.

Is there something worng with APF ?

Satish

 

[dalem]

mmm sounds like you dont have iptables installed ??

service iptables start

rpm -q iptables

 

[satishlive]

I have iptables

I have iptables because if i type in iptables -L it gives me all the information

But still i get the following error message when i try to start apf

[email protected] [~]# service apf start
Starting APF:Development mode enabled!; firewall will flush every 5 minutes.
Unable to load iptables module (ip_tables), aborting.
[ OK ]

Satish

rpm -q iptables says

iptables-1.2.11-3.1.RHEL4

 

[dalem]

is it a VPS ?

 

[satishlive]

yes it is a VPS

Hello Again,

Yes it is a VPS

Satish

 

[bornonline]

Make sure this is set in the conf

SET_MONOKERN="1"

and probably need to check the setting for the network interface too. Probably empty or eth0 and probably needs to be venet0 on the VPS.

perl -p -i -e 's/eth0/venet0/g' /etc/apf/conf.apf
perl -p -i -e 's/eth0/venet0/g' /etc/apf/ad/antidos
perl -p -i -e 's/DEVEL_MODE="1"/DEVEL_MODE="0"/g' /etc/apf/conf.apf
perl -p -i -e 's/SET_MONOKERN="0"/SET_MONOKERN="1"/g' /etc/apf/conf.apf
perl -p -i -e 's/USE_AD=\"0\"/USE_AD=\"1\"/g' /etc/apf/conf.apf

 

[dalem]

set
set monokern to 1

and your device to
venet0:0

 

[satishlive]

I get the following error message

I have tried what you said but gives me the following error message.

[email protected] [/satcomm/apf-0.9.6-1]# /usr/local/sbin/apf -s
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables v1.2.11: Couldn't load target `OUT_SANITY':/lib/iptables/libipt_OUT_SANITY.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `OUT_SANITY':/lib/iptables/libipt_OUT_SANITY.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `OUT_SANITY':/lib/iptables/libipt_OUT_SANITY.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `OUT_SANITY':/lib/iptables/libipt_OUT_SANITY.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `OUT_SANITY':/lib/iptables/libipt_OUT_SANITY.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `OUT_SANITY':/lib/iptables/libipt_OUT_SANITY.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `OUT_SANITY':/lib/iptables/libipt_OUT_SANITY.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables: No chain/target/match by that name
iptables: Memory allocation problem
iptables v1.2.11: Couldn't load target `FUDP':/lib/iptables/libipt_FUDP.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `FUDP':/lib/iptables/libipt_FUDP.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables: No chain/target/match by that name
iptables: Memory allocation problem
iptables v1.2.11: Couldn't load target `PZ':/lib/iptables/libipt_PZ.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `PZ':/lib/iptables/libipt_PZ.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `PZ':/lib/iptables/libipt_PZ.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables v1.2.11: Couldn't load target `PZ':/lib/iptables/libipt_PZ.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
iptables: No chain/target/match by that name
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem
iptables: Memory allocation problem

 

[chirpy]

You'll have to speak to your VPS provider as that is pretty indicative of a VPS kernel that hasn't had all the necessary iptables modules loaded.

 

[satishlive]

What do i say

What do i say to my host ?

Satish

 

[satishlive]

We installed ConfigServer Firewall and we have huge problems

Hello Guys,

We installed ConfigServer Firewall and now not of sites are up and for some reason i cant ping and SSH into the server. Please Help

Satish

 

[mctDarren]

A VPS is quite a different animal then a dedicated server running CPanel. I would contact my VPS provider and tell them you need to get back up. Sadly, only they can help now if you can't connect to work in shell. Once you have their attention ask them about the firewall situation. While it's not impossible to get APF running on Virtuozzo (assuming that's what your provider is using) it can be tricky from their end. Hope you get things straight soon!

 

[satishlive]

My VPS guys are working on it

I hope my my VPS guys get it up...Never going to use Config Firewall Again...

Is there any other firewall which works with VPS and blocks Brute Force Attacks.

Thanks You So Much Guys

Satish

 

[satishlive]

VPS Up

My WHP guys got my VPS up.... I thought all my data was lost. They are good guys...

Webhostplus.com is good-hearted people.... so will tell them about the APF hope they can help me....

Reason Why it went down: Numiptent = Number of Netfiler (IP Packeting Filtering) entries was set too low. Causing none of your requests to get in.

Satish

 

[Secret Agent]

I have this problem too, but not a vps - regular cpanel server

iptables: Memory allocation problem

[email protected] [~]# ulimit -a
core file size          (blocks, -c) 1000000
data seg size           (kbytes, -d) unlimited
file size               (blocks, -f) unlimited
pending signals                 (-i) 1024
max locked memory       (kbytes, -l) 32
max memory size         (kbytes, -m) unlimited
open files                      (-n) 4096
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 14335
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited