22 Şubat 2009 Pazar

APF firewall Kurulumu

Linux sunucularınız için firewall artık kaçınılmaz oldu. APF, kendi alanında iyi yanlarını kanıtlamış bir firewall'dur. Aşağıdaki bash scriptini install.sh olarak kaydedip chmod 777 verdikten sonra çalıştırırsanız hazır bir firewall'unuz olacaktır. (Script root olarak çalıştırıldığı için 700 izni de yeterlidir; 777 dosyayı sunucudaki her kullanıcı için yazılabilir yapar.)


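#!/bin/bash
#
# Download, install and pre-configure APF (Advanced Policy Firewall).
#
# Steps:
#   1. Fetch apf-current.tar.gz into /usr/local/src and unpack it.
#   2. Run the bundled install.sh.
#   3. Rewrite port lists, interface name and egress filtering in
#      /etc/apf/conf.apf, keeping the original as conf.apf.SL.
#   4. Print the resulting settings and the sshd Port line for review.
#
# Environment:
#   APF_SHA256  optional; expected SHA-256 of the tarball. When set, the
#               download is verified before anything is unpacked or run.
#
# Must be run as root. The script does not start the firewall.

readonly SRC_DIR=/usr/local/src
readonly TARBALL=apf-current.tar.gz
readonly APF_URL=http://www.rfxnetworks.com/downloads/apf-current.tar.gz
readonly APF_CONF=/etc/apf/conf.apf

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

[ "$(id -u)" -eq 0 ] || die "must be run as root"

# Stop if the cd fails: otherwise the rm below would delete apf* in whatever
# directory the script happened to be started from.
cd "$SRC_DIR" || die "cannot cd to $SRC_DIR"
rm -rf -- apf*

# NOTE(review): the tarball comes over plain HTTP and its install.sh is then
# executed as root, so anyone on the network path can substitute the code.
# Use an HTTPS mirror if one exists and pin APF_SHA256 to a checksum obtained
# from a trusted source.
wget -O "$TARBALL" "$APF_URL" || die "download failed: $APF_URL"

if [ -n "${APF_SHA256:-}" ]; then
  printf '%s  %s\n' "$APF_SHA256" "$TARBALL" | sha256sum -c - \
    || die "checksum mismatch for $TARBALL"
else
  printf 'warning: APF_SHA256 not set; %s was not verified\n' "$TARBALL" >&2
fi

tar -xvzf "$TARBALL" || die "cannot unpack $TARBALL"

# A bare "apf*" also matches the tarball itself, and cd with two arguments
# fails on current bash. The trailing slash restricts the glob to directories.
shopt -s nullglob
src_dirs=(apf*/)
shopt -u nullglob
[ "${#src_dirs[@]}" -eq 1 ] \
  || die "expected one extracted apf*/ directory, found ${#src_dirs[@]}"
cd -- "${src_dirs[0]}" || die "cannot cd to ${src_dirs[0]}"

sh install.sh
inst=$?
# Do not go on to edit the configuration of an installation that failed.
[ "$inst" -eq 0 ] || die "install.sh failed with status $inst"
printf '\n A.P.F Installed \n\n'

[ -f "$APF_CONF" ] || die "$APF_CONF not found after install"

# Copy rather than move the original so a valid conf.apf exists at all times.
cp -p -- "$APF_CONF" "$APF_CONF.SL" || die "cannot back up $APF_CONF"

# NOTE(review): these values are site-specific; review before use.
#  - IG_TCP_CPORTS opens hosting-panel ports (2082-2096, 8443) and the whole
#    3000-3500 range to the world; keep only the services this host runs.
#  - Only port 22 is opened for SSH; add the real port if sshd uses another.
#  - s/eth0/eth1/g rewrites every "eth0" in the file, not just one setting;
#    drop it if the public interface really is eth0.
#  - EG_UDP_CPORTS lists 20,21, but FTP is TCP; presumably unneeded - confirm.
#  - EGF="1" turns on outbound filtering, so EG_* must cover all egress needs.
sed '
s/^IG_TCP_CPORTS.*/IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,8443,2096,3000_3500"/
s/^IG_UDP_CPORTS.*/IG_UDP_CPORTS="53"/
s/eth0/eth1/g
s/^EG_TCP_CPORTS.*/EG_TCP_CPORTS="21,25,80,443,43"/
s/^EG_UDP_CPORTS.*/EG_UDP_CPORTS="20,21,53"/
s/^EGF="0"/EGF="1"/
' "$APF_CONF.SL" > "$APF_CONF.new" || die "cannot write $APF_CONF.new"

# The redirect created the file with umask-default permissions; restore the
# mode of the original configuration before putting it in place.
chmod --reference="$APF_CONF.SL" "$APF_CONF.new" \
  || die "cannot set mode on $APF_CONF.new"
mv -- "$APF_CONF.new" "$APF_CONF" || die "cannot replace $APF_CONF"

printf '\n\n APF Configuration Edited \n\n'
printf '\n Following changes made \n ============\n'
grep CPORTS "$APF_CONF" | grep -v '^#'
grep eth "$APF_CONF" | grep -v '^#'
grep EGF "$APF_CONF" | grep -v '^#'

printf '\n ============ \n \n'
printf 'Check SSH port is added \n\n'
# No output here means sshd_config has no active Port line (sshd default: 22).
grep -i '^port' /etc/ssh/sshd_config

# Per APF's documentation, while DEVEL_MODE is on a cron job flushes the rules
# every few minutes, so the host is only protected once it is set to 0.
printf '\n Please set DEVEL_MODE to 0 in %s if working fine !! \n \n' "$APF_CONF"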