Home Forums Articles Downloads Hosting Freebies Jobs
Welcome to Linux Forums! With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.
Find the answer to your Linux question:
New to Linux Forums? Register here for free!
    Linux Forums > GNU Linux Zone > Linux Security > APF Firewall help

Forgot Password?
 Linux Security   Discussion about keeping your machines secure, and the crackers out.

Site Navigation
Linux Articles
Linux Forums
Linux Downloads
Linux Hosting
Free Magazines
Job Board
IRC Chat
RSS Feeds


Linux Forum Topics
Linux Forums
Your Distro
Linux Resources
GNU Linux Zone
The Community
Reply
 
Thread Tools Display Modes
Old 08-01-2004   #1 (permalink)
Linux Newbie
 
Join Date: Feb 2004
Location: Cleveland, Ohio
Posts: 136
Send a message via AIM to Blue|Fusion Send a message via MSN to Blue|Fusion
APF Firewall help
I just installed APF on my new server, and I am having a pretty big problem with it. I tried to block all ports and see if I could still SSH, FTP, etc (ofcourse dev mode), and it didn't stop anything. I looked at the log and here it is:
Quote:
Jul 29 04:02:08 solaris apf(2382): flushing & zeroing chain policies
Jul 29 04:02:08 solaris apf(2382): firewall offline
Jul 29 04:02:08 solaris apf(2457): activating firewall
Jul 29 04:02:08 solaris apf(2493): determined (IN_IF) eth1 has address 67.18.215.148
Jul 29 04:02:08 solaris apf(2493): determined (OUT_IF) eth1 has address 67.18.215.148
Jul 29 04:02:08 solaris apf(2493): loading sysctl.rules
Jul 29 04:02:08 solaris apf(2493): setting sysctl_tcp enabled.
Jul 29 04:02:08 solaris apf(2493): setting sysctl_syn enabled.
Jul 29 04:02:08 solaris apf(2493): loading preroute.rules
Jul 29 04:02:08 solaris apf(2493): loading allow_hosts.rules
Jul 29 04:02:08 solaris apf(2493): allow all to/from 12.96.160/24
Jul 29 04:02:08 solaris apf(2493): allow all to/from 67.19.0.29
Jul 29 04:02:08 solaris apf(2493): loading bt.rules
Jul 29 04:02:08 solaris apf(2493): loading log.rules
Jul 29 04:02:08 solaris apf(2493): virtual net subsystem disabled.
Jul 29 04:02:09 solaris apf(2493): loading main.rules
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 20 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 21 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 22 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 24 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 25 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 53 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 80 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 110 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 143 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 443 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 465 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 993 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 995 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 2083 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 2086 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 2087 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 2096 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 8000:8003 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 8443 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 9000 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 9999 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 10000 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 14534 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 20045 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 35000:35999 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound tcp port 51234 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 20 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 21 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 24 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 53 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 1040 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 1716 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 1717 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 1718 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 8767:8773 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 8777 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 9000 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound udp port 27900 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound icmp type 3 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound icmp type 5 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound icmp type 11 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound icmp type 0 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound icmp type 30 on 0/0
Jul 29 04:02:09 solaris apf(2493): opening inbound icmp type 8 on 0/0
Jul 29 04:02:09 solaris apf(2493): default (egress) output accept
Jul 29 04:02:09 solaris apf(2493): default (ingress) input drop
Jul 29 04:02:09 solaris apf(2457): firewall initalized
Jul 29 15:41:32 solaris apf(7979): flushing & zeroing chain policies
Jul 29 15:41:32 solaris apf(7979): firewall offline
Jul 29 15:41:38 solaris apf(8007): flushing & zeroing chain policies
Jul 29 15:41:38 solaris apf(8007): firewall offline
Jul 29 15:41:42 solaris apf(8035): activating firewall
Jul 29 15:41:42 solaris apf(8070): determined (IN_IF) eth1 has address 67.18.215.148
Jul 29 15:41:42 solaris apf(8070): determined (OUT_IF) eth1 has address 67.18.215.148
Jul 29 15:41:42 solaris apf(8070): loading sysctl.rules
Jul 29 15:41:42 solaris apf(8070): setting sysctl_tcp enabled.
Jul 29 15:41:42 solaris apf(8070): setting sysctl_syn enabled.
Jul 29 15:41:42 solaris apf(8070): loading preroute.rules
Jul 29 15:41:42 solaris apf(8070): loading allow_hosts.rules
Jul 29 15:41:42 solaris apf(8070): allow all to/from 12.96.160/24
Jul 29 15:41:42 solaris apf(8070): allow all to/from 67.19.0.29
Jul 29 15:41:43 solaris apf(8070): loading bt.rules
Jul 29 15:41:43 solaris apf(8070): loading log.rules
Jul 29 15:41:43 solaris apf(8070): virtual net subsystem disabled.
Jul 29 15:41:43 solaris apf(8070): loading main.rules
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 20 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 21 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 22 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 24 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 25 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 53 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 80 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 110 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 143 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 443 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 465 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 993 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 995 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 2083 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 2086 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 2087 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 2096 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 8000:8003 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 8443 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 9000 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 9999 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 10000 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 14534 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 20045 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 35000:35999 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound tcp port 51234 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 20 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 21 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 24 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 53 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 1040 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 1716 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 1717 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 1718 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 8767:8773 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 8777 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 9000 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound udp port 27900 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound icmp type 3 on 0/0
Jul 29 15:41:43 solaris apf(8070): opening inbound icmp type 5 on 0/0
Jul 29 15:41:44 solaris apf(8070): opening inbound icmp type 11 on 0/0
Jul 29 15:41:44 solaris apf(8070): opening inbound icmp type 0 on 0/0
Jul 29 15:41:44 solaris apf(8070): opening inbound icmp type 30 on 0/0
Jul 29 15:41:44 solaris apf(8070): opening inbound icmp type 8 on 0/0
Jul 29 15:41:44 solaris apf(8070): default (egress) output accept
Jul 29 15:41:44 solaris apf(8070): default (ingress) input drop
Jul 29 15:41:44 solaris apf(8035): firewall initalized
At the end of each of the port open lines, it has on 0/0. On my old server, instead it was on <ip address> and opens up each port on each IP seperately.

What could be causing this problem?
__________________
Mandrake 10.1 Official PowerPack [home] | RH Enterprise 3 / cPanel [box]
Blue|Fusion is offline  


Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Free Magazines
Run Your Own Web Server Using Linux & Apache - Free 191 Page Preview
Learn about everything you'll need to build and maintain your Linux servers, and to deploy Web applications to them.
subscribe
Open Source Security Myths Dispelled
Dispel the five major myths surrounding Open Source Security and gain the tools necessary to make a truly informed decision for your IT organization
subscribe
InformationWeek
InformationWeek is the only newsweekly you'll need to stay on top of the latest developments in information technology.
subscribe



All times are GMT. The time now is 06:16 AM.





Advertise About Us Contact Us Write For Us Archive Top
© 2000 - 2009 - All Rights Reserved - Property of  MAS Media

Content Relevant URLs by vBSEO 3.3.0 RC2