Hello, friends. In this post, you will learn how to install APF on Rocky Linux 9 / Alma Linux 9.
According to the project website:
APF is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations.
One of the main features of APF is that it is easy to configure. This is important so that we can use it without hassle.
Some features of APF are:
- Detailed and well commented configuration file
- Granular inbound and outbound network filtering
- User ID based outbound network filtering
- Application-based network filtering
So let’s go for it. Let’s install APF and apply some initial settings.
Install APF on Rocky Linux 9 / Alma Linux 9
APF is not included in the official repositories of Rocky Linux 9, but this does not prevent us from installing it without any problems.
First, open a terminal and update the whole system:
sudo dnf update
Then, download the current release (note that this URL is plain HTTP, so the transfer is not integrity-protected):
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
Next, extract the archive:
tar -zxf apf-current.tar.gz
This creates a folder with the name and version of APF. Change into it:
cd apf-1*
There you will find a file called install.sh, which is an installation script to ease the whole process.
Run it with root permissions to start the installation process:
sudo ./install.sh
If all goes well, the installer prints a summary on screen.
As you can see, the process is simple. The output also shows the APF configuration and administration paths.
Configuring APF on Rocky Linux 9 / Alma Linux 9
The paths that APF handles are simple. The configuration file is /etc/apf/conf.apf. Back this file up before editing it:
sudo cp /etc/apf/conf.apf /etc/apf/conf.apf.bak
With the backup in place, you can edit the file freely:
sudo vi /etc/apf/conf.apf
The first thing you have to do is set the network interface to which the rules will be applied:
IFACE_UNTRUSTED="eth0"
Below that, you will find the IG_TCP_CPORTS and IG_UDP_CPORTS directives, which define the ports on which inbound TCP and UDP connections will be accepted:
IG_TCP_CPORTS="22"
IG_UDP_CPORTS="801,456"
Of course, define as many as you want and need.
Further down, you will find the outbound ports allowed for TCP and UDP:
EG_TCP_CPORTS="21,25,80,443,43"
EG_UDP_CPORTS="20,21,53"
Actually, the file is very well documented. When you are ready, save the changes and close the editor.
Restart APF to apply the changes:
sudo apf -r
If everything is OK and you are satisfied, then you can use APF in production mode. Edit the configuration file again:
sudo vi /etc/apf/conf.apf
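At the top of the file you will see the DEVEL_MODE parameter, which will have the value 1, so change it to 0. While DEVEL_MODE is 1, a cron job flushes the firewall rules every five minutes so that a bad rule cannot lock you out during testing, which also means the rules do not stay in place.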
DEVEL_MODE="0"
Save the changes, close the editor and restart APF, and now you are ready for battle.
Finally, you can also make it start with the system:
sudo chkconfig --level 2345 apf on
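The script below is an added example, not part of the original post or of APF: it checks the conf.apf settings edited above (IFACE_UNTRUSTED, the four port lists and DEVEL_MODE) before you restart the firewall. The function names are hypothetical, and it assumes port ranges are written with an underscore (low_high).

```shell
#!/usr/bin/env bash
# Added example (not part of APF): sanity-check conf.apf before "apf -r".

# Print the value of VAR="value" from the config file; last assignment wins.
conf_get() {  # $1 = file, $2 = variable name
  sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*/\1/p" "$1" | tail -n 1
}

# Succeed if $1 is empty or a comma-separated list of ports in 1-65535.
# Assumption: ranges are written low_high (for example 6000_7000).
valid_ports() {
  local item lo hi IFS=,
  case "$1" in *[!0-9_,]*) return 1 ;; esac
  for item in $1; do
    case "$item" in ''|_*|*_|*_*_*) return 1 ;; esac
    lo=${item%%_*}; hi=${item##*_}
    [ "$lo" -ge 1 ] && [ "$hi" -le 65535 ] && [ "$lo" -le "$hi" ] || return 1
  done
}

# Print findings for the file in $1; exit status = number of FAIL lines.
apf_conf_audit() {
  local conf fails v val iface
  conf="$1"; fails=0
  iface=$(conf_get "$conf" IFACE_UNTRUSTED)
  if [ -z "$iface" ]; then
    echo "FAIL IFACE_UNTRUSTED is empty"; fails=$((fails + 1))
  elif [ ! -e "/sys/class/net/$iface" ]; then
    echo "WARN interface '$iface' does not exist on this host (see: ip -br link)"
  fi
  for v in IG_TCP_CPORTS IG_UDP_CPORTS EG_TCP_CPORTS EG_UDP_CPORTS; do
    val=$(conf_get "$conf" "$v")
    if ! valid_ports "$val"; then
      echo "FAIL $v=\"$val\" contains an invalid port"; fails=$((fails + 1))
    fi
  done
  if [ "$(conf_get "$conf" DEVEL_MODE)" != "0" ]; then
    echo "WARN DEVEL_MODE is not 0: APF is still in development mode"
  fi
  return "$fails"
}

# Audit the file named on the command line, e.g. /etc/apf/conf.apf.
if [ "$#" -gt 0 ]; then apf_conf_audit "$1"; fi
```

Save it under a name of your choice (for example apf-check.sh) and run it as bash apf-check.sh /etc/apf/conf.apf; the exit status is the number of FAIL lines, and WARN lines do not count.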
Conclusion
APF is an important firewall that is easy to configure and manage on Rocky Linux 9 / Alma Linux 9, so now it’s your turn to use it on your systems.