I see a lot of people have mentioned APF when wanting to firewall their cPanel box. Is there any danger in using the standard /etc/sysconfig/iptables when configuring the firewall on RHEL4? I noticed the bandmin puts in a lot of rules for monitoring bandwidth - how does bandmin interact with firewalling packages and/or straight iptables rules?
APF uses IPTABLES. APF sets up rules and adds them to IPTABLES when the service is started, and flushes IPTABLES when the service is stopped. I haven't seen any problems with it and you should be able to set IPTABLES rules manually without issues.
I installed APF successfully on RHEL 4 today w/cPanel Works fine for me, setup is WHM/cPanel Stable RHEL 4 I am very satisfied
We would prefer to use straight iptables rules generated by filtergen... can anyone tell me how and when bandmin inserts its rules?