The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apf

Discussion in 'General Discussion' started by nickp666, Nov 24, 2005.

  1. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    Have a strange one with APF and vnet's.

    Server was originally set up with one IP, since I have added four for various ssl hosts etc, I changed the APF config so that vnet files were created for each IP, its created the rules files but is dropping every connection to the other IP's apart from the whitelist addresses, I tried manually adding the open port rules to the individual IP's vnet configs however it is still dropping everything. I have run out of ideas now and was wondering if anyone could shed any light on something I may have missed.

    Many Thanks
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Probably the simplest thing to do is to remove and reinstall the latest version of APF. Unless you want specific port filtering per IP address rather than on all IP addresses, then there's no need at all to have separate configurations as APF will apply to all IPs whether they're added or removed.

    So, if you're running the latest version, make sure that EN_VNET="0"

    (I think I just did myself out of some beer money ;))
     
  3. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
  4. nickp666

    nickp666 Well-Known Member

    Joined:
    Jan 28, 2005
    Messages:
    770
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    /dev/null
    it was already running the latest, I removed it all, and re-installed it keeping to the vnet option you mentioned, it seemed to work ok but has now gone back to how it was (Dropping everything apart from traffic headed for the main IP, any aliased IP's arent accepting whilst apf is running)

    Looks like the beer money needs to come your way after all!


    I'm going to have another mess with it, see if i can get it to work, if not I will be in touch first thing on monday if thats ok?
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Certainly :)
     

Share This Page