apf questions

UnforgotteN · 05-29-2005, 12:48 AM

I run a linux server with Cpanel. Recently I installed apf, i created my friend an account so he could upload some of his files to ftp. now my friend's ip was blocked by apf firewall.

i was looking into this file, is this where i unblock and find out why he was blocked?

Code:

cd/etc/apf/ 
pico deny_hosts.rules 

I found his ip here: 

# added XXX.XXX.XXX.XXX on 05/24/05 21:00:00 
# {bfd.proftpd} 
XXX.XXX.XXX.XXX

Why was he blocked? and how do i unblock him?

John,
Thnaks!

bigrigdriver · 05-29-2005, 03:41 PM

Rough guess: since you found his IP listed in the deny_hosts.rules, that answers your question. Is there an allow_hosts.rules file? Or some equivalent? If so, transfer his IP info to that file, then try again.

UnforgotteN · 05-29-2005, 04:28 PM

done, thanks. i actually just deleted the lines in deny_hosts.rules files. if he gets ban again hopefully we will know why, i just dont want to put him in allow_hosts.rules file when he couldl be trying to do something to harm the system...

bigrigdriver · 05-29-2005, 05:09 PM

Allow_hosts.rules *should* only allow him to connect to the server. It *should not* give him root privileges to do harm to the system. Access to the server *should only* allow him to connect to his own workspace, or the public_html directories in other users directories.

System admisistration can be a daunting task. Perhaps other, more knowledgeable Linux users, could be of greater help. Especially with the implementation of ACL (access control lists) to ease your mind with regard to un-regulated access to the system.