How do I install APF firewall into the VE?
The installation of APF requires some additional steps to be taken on the hardware node.

1. First of all, you should define which iptables modules are available for VEs.

Edit the /etc/sysconfig/iptables-config file on the Virtuozzo hardware node:

    IPTABLES_MODULES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Edit the /etc/sysconfig/vz file on the Virtuozzo hardware node:

    IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp"

Please note – […]
Uninstall APF
Sometimes we may need to remove APF from the server. Here is a guide that shows how to remove APF completely.

Stop the firewall first:

    service apf stop
    /bin/rm -rfv /etc/apf

Remove the cron job for APF:

    /bin/rm -fv /etc/cron.daily/fw
    /bin/rm -fv /etc/init.d/apf

Lastly, disable it at startup:

    chkconfig apf off

This should remove APF completely from the server, as we removed the APF daemon, cron job and files.
cPanel required ports list
Port  Service  Protocol  Direction         Notes
20    ftp      tcp       inbound/outbound
21    ftp      tcp,udp   inbound/outbound
22    ssh      tcp       inbound
25    smtp     tcp       inbound/outbound
26    smtp     tcp       inbound/outbound
37    rdate    tcp       outbound
43    whois    tcp       outbound
53    DNS      tcp/udp   inbound/outbound  Inbound only needed if you run your own DNS server
80    http     tcp […]
DoS: looking at open connections
Here is a command line to run on your server if you think it is under attack. It prints out a list of open connections to your server, grouped by remote address and sorted by count.

RedHat:

    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

BSD:

    netstat -na | awk '{print $5}' | cut -d "." -f1,2,3,4 | sort | uniq -c | sort -n

You can also check for connections by running the following command. netstat […]