APF firewall - slight problem...

Discussion in 'General Discussion' started by jez9999, May 13, 2006.

  1. jez9999

    jez9999 Well-Known Member

    OK, I've installed APF firewall and now the correct iptables modules seem to have been installed for it. When I run apf --start, it's setting up iptables correctly... except for one thing.

    iptables -L is telling me that the default policy for the INPUT, FORWARD and OUTPUT chains is 'ACCEPT'. Now, I'm no iptables expert, but that seems pretty useless for a firewall to me. Doesn't that mean that any port I don't explicitly ban will be allowed, i.e. a blacklisting policy?

    My ability to connect to port 2095 on my server, a port I hadn't put in the common ingress ports list in the APF config file, would seem to confirm this assumption.

    I want a whitelist-based firewall. Is there a way to get APF to do this? Preferably not having to manually access iptables myself? (I thought the point of APF was to hide the complexity of iptables from you!)
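
An added example, not part of the original post and not APF's own code: a chain whose policy is ACCEPT can still be default-deny if it ends in an unconditional DROP or REJECT rule, so this Python sketch reads `iptables -S` output, classifies each chain, and gives the first-match verdict for a port such as 2095. The sample ruleset is constructed, and the matcher is a simplification that only understands plain TCP `--dport` rules and does not follow jumps to user-defined chains.

```python
import shlex

# Constructed `iptables -S` output (an assumption, not from the poster's server).
SAMPLE = """\
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
-A OUTPUT -p tcp -m tcp --dport 25 -j DROP
"""
DENY = {"DROP", "REJECT"}

def parse(text):
    """Map each built-in chain to its policy and ordered rules (as token lists)."""
    chains = {}
    for tok in map(shlex.split, text.splitlines()):
        if len(tok) >= 3 and tok[0] == "-P":
            chains[tok[1]] = {"policy": tok[2], "rules": []}
        elif len(tok) >= 3 and tok[0] == "-A" and tok[1] in chains:
            chains[tok[1]]["rules"].append(tok[2:])
    return chains

def stance(chain):
    """'policy-deny', 'catchall-deny' (final rule is a bare -j DROP/REJECT) or 'default-allow'."""
    if chain["policy"] in DENY:
        return "policy-deny"
    last = chain["rules"][-1] if chain["rules"] else []
    if len(last) >= 2 and last[0] == "-j" and last[1] in DENY:
        return "catchall-deny"
    return "default-allow"

def dport_matches(match, port):
    # Understands only "-p tcp [-m tcp] --dport N[:M]"; anything else counts as no match.
    rest = [t for t in match if t not in ("-p", "-m", "tcp")]
    if len(rest) != 2 or rest[0] != "--dport":
        return False
    lo, _, hi = rest[1].partition(":")
    return int(lo) <= port <= int(hi or lo)

def verdict(chain, port):
    """First-match result for a new TCP connection to `port`; user-chain jumps are skipped."""
    for rule in chain["rules"]:
        j = rule.index("-j") if "-j" in rule else len(rule)
        if rule[j + 1:j + 2] and rule[j + 1] in DENY | {"ACCEPT"}:
            if j == 0 or dport_matches(rule[:j], port):
                return rule[j + 1]
    return chain["policy"]
```

On a live host the input would be the saved output of `iptables -S`; a `default-allow` result for INPUT together with an `ACCEPT` verdict for an unlisted port is the blacklist behaviour the post describes.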
