How to install APF on Rocky Linux 9 / Alma Linux 9

Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
Subscribe
"The best Linux newsletter on the web"

Hello, friends. In this post, you will learn how to install APF on Rocky Linux 9 / Alma Linux 9.

According to the project website:

APF is an iptables(netfilter) based firewall system designed around
The essential needs of today’s Internet deployed servers and the unique
needs of custom deployed Linux installations.

One of the main features of APF is that it is easy to configure. This is important so that we can use it without hassle.

Some features of APF are:

  • Detailed and well commented configuration file
  • Granular inbound and outbound network filtering
  • User ID based outbound network filtering
  • Application-based network filtering

So let’s go for it. Let’s install APF and apply some initial settings.

Install APF on Rocky Linux 9 / Alma Linux 9

APF is not included in the official repositories of Rocky Linux 9, but this does not prevent us from installing it without any problems.

First, open a terminal and update the whole system:

sudo dnf update

Then, you can download it

wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

Thereafter, unzip it

tar -zxf apf-current.tar.gz

This creates a folder with the name and version of APF. Access it.

cd apf-1*

There you will find a file called install.sh which is an installation script to ease the whole process.

Run it with root permissions to start the installation process:

sudo ./install.sh

If all goes well, you will see a screen output like the following

Install APF on Rocky Linux 9 / Alma Linux 9
Install APF on Rocky Linux 9 / Alma Linux 9

As you can see, the process is simple. There you will also see the APF configuration and administration paths.

Configuring APF on Rocky Linux 9 / Alma Linux 9

The paths that APF handles are simple. In the case of the configuration, the path indicated is /etc/apf/conf.apf this file can be backed up before editing it.

sudo cp /etc/apf/conf.apf /etc/apf/conf.apf.bak

Now, with more freedom, you can edit it

sudo vi /etc/apf/conf.apf

The first thing you have to do is to set the network interface where the rules will be applied

IFACE_UNTRUSTED="eth0"

Below, you will find the IG_TCP_CPORTS and IG_UDP_CPORTS directives, which is where you define the ports where both TCP and UDP connections will be received.

IG_TCP_CPORTS="22"
IG_UDP_CPORTS="801,456"

Of course, define as many as you want and need.

Further ahead, find the outgoing ports enabled in both TCP and UDP

EG_TCP_CPORTS="21,25,80,443,43"
EG_UDP_CPORTS="20,21,53"

Actually, the file is very well documented. When you are ready, save the changes and close the editor.

Restart the APF runtime

sudo apf -r

If everything is OK and you are satisfied, then you can use APF in production mode. Re-edit the configuration file.

sudo vi /etc/apf/conf.apf

And at the top of the file you will see the DEVEL_MODE parameter which will have value 1 so change it to 0.

DEVEL_MODE="0"

Save the changes, close the editor and restart APF, and now you are ready for battle.

Finally, you can also make it start with the system

sudo chkconfig -level 2345 apf on

Conclusion

APF is an important firewall that is easy to configure and manage on Rocky Linux 9 / Alma Linux 9, so now it’s your turn to use it on your systems.

Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
Subscribe
"The best Linux newsletter on the web"
Angelo
Angelo
I am Angelo. A systems engineer passionate about Linux and all open-source software. Although here I'm just another member of the family.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

Join us on Facebook