
BFD without APF?

Discussion in 'cPanel Developers' started by DavidR, Dec 26, 2004.

  1. DavidR

    DavidR Well-Known Member

    I'm using a Virtuozzo VPS which appears to be unable to run APF. Does anyone know if BFD will work without APF? I know that on my old system with both installed, BFD used APF to ban the IPs from attacks. My host installed a firewall script but even if I find out how to add IPs to it, does anyone have experience altering that behavior with BFD? I would greatly appreciate any feedback. I've posted on rfxnetworks.com but it's pretty quiet over there.

    Failing anything else, are there any decent replacements available for BFD? Thanks! :D

    David
     
  2. dezignguy

    dezignguy Well-Known Member

    BFD would be useless without APF to actually block the 'bad' IPs. It is just a shell script though, so if you know or can learn the scripting language, it shouldn't be too difficult to modify how it adds the IP to the APF firewall, so you should be able to get it to work with your firewall, if your firewall supports adding IPs to block in the same way that APF/iptables works.
     
  3. chirpy

    chirpy Well-Known Member

    Actually, it's very simple to configure BFD without APF (I do it for people with VPSs all the time). You just need to modify /usr/local/bfd/conf.bfd and set BCMD to something that your server can deal with:

    1. Stick the IP address in /etc/hosts.deny using the example command:

    BCMD="echo ALL:$ATT_HOST >> /etc/hosts.deny"

    2. Stick it directly into iptables (but will be lost on reboot):

    BCMD="iptables -I INPUT -p tcp -s $ATT_HOST -j DROP"
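
An added example, not part of the original post and not BFD's own code: a small wrapper that BCMD could call in place of the bare `echo` from option 1, so that only a well-formed IPv4 address is written and the same address is never appended twice. The script path and the function names `is_ipv4` and `bfd_deny` are hypothetical, and it assumes BFD runs BCMD with `$ATT_HOST` filled in, as the two examples above imply.

```shell
#!/bin/sh
# Hypothetical wrapper (added example). Assumed conf.bfd usage:
#   BCMD="/usr/local/sbin/bfd-deny.sh $ATT_HOST"
DENY_FILE="${DENY_FILE:-/etc/hosts.deny}"

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # safe: only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac # no leading zeros
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Append "ALL:<ip>" (same format as option 1) once.
# Returns 2 on invalid input, 0 if the entry is present afterwards.
bfd_deny() {
    ip=$1
    file=${2:-$DENY_FILE}
    if ! is_ipv4 "$ip"; then
        echo "bfd-deny: refusing value that is not an IPv4 address" >&2
        return 2
    fi
    # -x whole line, -F fixed string: 10.0.0.1 must not match 10.0.0.11
    if [ -f "$file" ] && grep -qxF "ALL:$ip" "$file"; then
        return 0
    fi
    printf 'ALL:%s\n' "$ip" >> "$file"
}

# Run only when an argument is supplied, e.g. by BCMD.
if [ "$#" -gt 0 ]; then
    bfd_deny "$1"
fi
```

Because the value being blocked comes from parsed log lines, rejecting anything that is not a plain address keeps stray text out of /etc/hosts.deny, and the duplicate check stops the file growing on repeated hits from one host.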
     
  4. dezignguy

    dezignguy Well-Known Member

    Neat... that seems pretty handy... I hadn't taken a close look at BFD in a while and forgot that it had the block command in the config file so it wasn't necessary to modify the script itself.
     
  5. DavidR

    DavidR Well-Known Member

    I should be able to handle that. Since I assume the BFD/APF combination blocks them permanently, I will use solution #1 to do the same. Thanks!

    David
     
  6. casey

    casey Well-Known Member

    Does anybody know of a good firewall to use with VPS servers? Or DavidR, would your host object to you sharing the script they used?
     
  7. DavidR

    DavidR Well-Known Member

    If you are using a UML (User Mode Linux) based VPS, you can install APF and set the "MONOKERN=1" in its config. If using Virtuozzo, APF doesn't work. I will ask my host if there is any problem posting theirs for Virtuozzo VPS.

    David
     
  8. casey

    casey Well-Known Member

    The two I have are Virtuozzo. :(
     