??? ?????? ????????? ????????????? ????????? ?? ???????. ??????? ??????? ????? ????????? ?????????? ????? ??????? ??????? APF ( Advanced Policy Firewall )
1. Change to the /usr/src directory:
cd /usr/src
2. Download the latest version of APF:
wget http://rfxnetworks.com/downloads/apf-current.tar.gz
3. Extract the APF tar.gz file:
tar -xvzf apf-current.tar.gz
4. Remove the tar.gz archive:
rm -f apf-current.tar.gz
5. Locate the APF directory:
ls -la
Look for a directory named apf-#.#/, where #.# is the version of APF being installed
(APF version 0.8.7 will be in the directory apf-0.8.7, and version 0.9 will be in the directory apf-0.9).
6. Change to the APF directory
Use the directory identified in step 5.
?????? – ????? ?????? ?????????? ? ??????? ????? ??????, ???????? ?? ??? ???????? ? ?????? ?????? ????? ??????:
cd apf-0.9
7. Run the APF installer:
sh ./install.sh
8. Change to the /etc/apf directory:
cd /etc/apf
9. Edit the conf.apf configuration file:
pico -w conf.apf
??? ?????????? ?????? ????????? ??????????????? ??????????? ????? ?????/??????.
??? ????? ??????????????? ??? ?????? ????? ????????, ??? mail, ftp, ssh.
Common ingress (inbound) ports
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,2096,3000_3500,9999"
#
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"
Common egress (outbound) ports
# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,80,443,43,2089"
#
# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53"
??? Enzim ??????? ??? ???? ??:
Common ingress (inbound) ports
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,19638"
#
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"
Common egress (outbound) ports
# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,80,443,43"
#
# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53"
10. ????? ?????????????? ?????? ???????? ???? ? ????????????? ????????:
CTRL-x ,
????? Y
??? ?????? enter ??? ?????????????
11. Start APF:
./apf --start
or:
service apf start
12. If APF is working correctly, change the DEVM value to 0
pico -w conf.apf
???????? – ??????? ??? ?????? ????? ???????? ???????????? ?????? ????????!
DEVM=1 ???? ??? ??????????? ????????? ??????? ????????????????? ????????? – ???? ???? ?? ??????? ??????, DEVM=1 ????????? APF ????? 5 ?????.
DEVM="0"
13. Save the file and exit Pico:
CTRL-x,
y,
enter
14. Restart APF
service apf restart
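An added example, not part of the original guide or of APF itself: a POSIX shell check for the conf.apf settings edited in steps 9 and 12. It counts the ports each *_CPORTS list opens, treating an entry like 3000_3500 as an inclusive range (an assumption), and flags a DEVM value other than 0; the function names and the MAX_PORTS threshold are hypothetical.

```shell
#!/bin/sh
# Added example: audit a conf.apf written in the form shown on this page.
# Assumptions: settings are NAME="value" on their own line, and an entry
# such as 3000_3500 is an inclusive port range.

# Print the value of variable $2 in file $1 (last assignment wins).
# Lines starting with '#' never match, so a commented-out setting reads as unset.
apf_get() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# Print how many ports a list like "21,22,3000_3500" opens.
# On a malformed entry, print "invalid:<entry>" and return 1.
apf_port_count() {
    total=0
    for entry in $(printf '%s' "$1" | tr -d ' ' | tr ',' ' '); do
        case "$entry" in
            *[!0-9_]*|_*|*_|*_*_*) echo "invalid:$entry"; return 1 ;;
            *_*) lo=${entry%_*}; hi=${entry#*_}
                 [ "$lo" -le "$hi" ] && [ "$hi" -le 65535 ] ||
                     { echo "invalid:$entry"; return 1; }
                 total=$((total + hi - lo + 1)) ;;
            *)   [ "$entry" -le 65535 ] || { echo "invalid:$entry"; return 1; }
                 total=$((total + 1)) ;;
        esac
    done
    echo "$total"
}

# Print one finding per line; return 0 only when nothing is flagged.
# MAX_PORTS (default 32) is an arbitrary review threshold for this example.
apf_audit() {
    cfg=$1; findings=0
    devm=$(apf_get "$cfg" DEVM)
    if [ "$devm" != "0" ]; then
        echo "DEVM=${devm:-unset}, expected 0 as set in step 12"
        findings=$((findings + 1))
    fi
    for var in IG_TCP_CPORTS IG_UDP_CPORTS EG_TCP_CPORTS EG_UDP_CPORTS; do
        n=$(apf_port_count "$(apf_get "$cfg" "$var")") || {
            echo "$var: malformed entry ($n)"; findings=$((findings + 1)); continue; }
        [ "$n" -le "${MAX_PORTS:-32}" ] ||
            { echo "$var opens $n ports, review its ranges"; findings=$((findings + 1)); }
    done
    [ "$findings" -eq 0 ]
}
```

Source the file and call `apf_audit /etc/apf/conf.apf` after the restart in step 14; with the first port list shown above it reports that IG_TCP_CPORTS opens 516 ports, almost all of them from the 3000_3500 range.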
????????? ?????????? ????????????? ?????? ???????? ?? ??????? ?????? ???????, ??? ????? ?????????? ????????? ?????? ? ??????? ? ???????????? IP.
1. To allow traffic from IP xx.xx.xx.xx/24 (where xx.xx.xx.xx/24 is the data center's IP)
pico -w /etc/apf/allow_hosts.rules
2. At the very end of the file, add:
xx.xx.xx.xx/24
Don't forget to replace xx.xx.xx.xx/24 with your data center's IP (for example, for the ThePlanet data center it is 12.96.160.0/24)
??????????? ???????.
????????? ??????????? ???????, ??????????? ????????? ???????????? - ?????????? ?????