Configure APF Firewall on your VPS

What is APF?
Advanced Policy Firewall (APF) is an iptables (netfilter) based firewall system designed around the essential needs of today’s Linux servers. The configuration is designed to be very informative and easy to follow. Day-to-day management is conducted from the command line with the ‘apf’ command, which includes detailed usage information on all the features.

Step 1

Download the most recent version of APF from the RFX Networks website: http://www.rfxn.com/projects/advanced-policy-firewall/

Step 2
Execute the following command through SSH: sh ./install.sh. Your VPS will now be configured and APF will be installed with default settings. You will receive a warning to change your ig/eg_tcp and ig/eg_udp settings; do not ignore this!

Step 3
Your firewall is now running in development mode. Open /etc/apf/conf.apf and start by adjusting the inbound/outbound ports that your services need in order to function normally. A few examples:
- Apache webserver runs on port 80 by default
- BIND dns runs on port 53 by default
- SSH runs on port 22 by default
Save the config file when you are done and restart the firewall.

Step 4
So far so good? If not, and you have been locked out of your VPS, wait 5 minutes for the rules to flush.

If everything seems to be to your liking, open the /etc/apf/conf.apf file again and set the DEVEL variable to "0".

You now have a fully functioning software firewall.
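
The following is an added example, not part of the original article or of APF itself: a shell pre-flight check that reads conf.apf and confirms the inbound TCP ports you depend on are listed before development mode is turned off. It assumes the stock setting names IG_TCP_CPORTS and DEVEL_MODE and APF's underscore notation for port ranges; the function names and the sample config are made up for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for conf.apf before leaving development mode.
# Setting names IG_TCP_CPORTS / DEVEL_MODE and "lo_hi" ranges are assumed (stock APF).

# Print the value of a KEY="value" line from a config file (last match wins).
apf_get() {  # usage: apf_get FILE KEY
    sed -n "s/^$2=\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# Succeed if PORT is covered by a comma-separated list such as "22,80,30000_35000".
port_allowed() {  # usage: port_allowed LIST PORT
    old_ifs=$IFS; IFS=,
    for entry in $1; do
        case $entry in
            *_*) lo=${entry%_*}; hi=${entry#*_}
                 if [ "$2" -ge "$lo" ] && [ "$2" -le "$hi" ]; then
                     IFS=$old_ifs; return 0
                 fi ;;
            "$2") IFS=$old_ifs; return 0 ;;
        esac
    done
    IFS=$old_ifs; return 1
}

# Return 0 only if every required inbound TCP port is listed in FILE.
apf_preflight() {  # usage: apf_preflight FILE PORT...
    conf=$1; shift
    ports=$(apf_get "$conf" IG_TCP_CPORTS)
    missing=0
    for p in "$@"; do
        port_allowed "$ports" "$p" || { echo "inbound TCP $p is NOT allowed" >&2; missing=1; }
    done
    [ "$(apf_get "$conf" DEVEL_MODE)" = "1" ] && echo "development mode is still on"
    return $missing
}

# Constructed sample config (not taken from a real server): HTTPS was forgotten.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
DEVEL_MODE="1"
IG_TCP_CPORTS="22,53,80,30000_35000"
IG_UDP_CPORTS="53"
EOF
apf_preflight "$SAMPLE" 22 80 443 || echo "fix conf.apf before turning development mode off"
```

On a real VPS, call apf_preflight with /etc/apf/conf.apf and the ports you actually connect on, in particular your SSH port, before changing the development-mode setting.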

