Well I wanted to install the APF firewall to secure my server from DoS attacks and have a nice firewall in place. I installed the latest APF, it tol dme what ports I was using, I looked over them, everything looked fine, I added the TCP and UDP ports needed to my ingress connections (didnt mess with egress) started the firewall and all was well. I host many TeamSpeak servers (voice over IP communication for gamers/friends) and I notice that randomly some of the TS servers would stop respponding. Teamspeak handles one main server that has many mini servers, each mini server listening on its own UDP port. A simple mini server restart would make that certain TS server accessible again, but only to be blocked off sometime the next day. The right ports were open in the APF config under ingress so I wasnt sure what was going on. I then attempted adding the ports to my egress also, no luck. After this, I decided to bound my TS servers to a certain IP, and then use an iptables command to unblock that IP completely:

iptables -I INPUT 1 -d xx.xx.xx.xx -j ACCEPT
iptables -I OUTPUT 1 -d xx.xx.xx.xx -j ACCEPT

And at the same time went ahead and took those UDP ports out of my APF config for being open, since those two commands would open them manually. I then attempted:

iptables-save > /var/iptables_firewall
iptables-restore < /var/iptables_firewall

In hope that it would save this configuration and i wouldnt have to worry about it. Well every morning around 10:00 AM my time, it flushes those two commands I gave to unblock that IP, and APF takes over and blocks off the IP I was using for my TS servers. This means every day in the morning I have to re-enter those two iptables commands that unblock all on the IP xx.xx.xx.xx

Lately, I have also noticed speeds downloading from my server slower than 100 KBps, when i previously got around 1700 KBps, and it isnt just me. Does anyone have any ideas why APF would randomly cut off some UDP ports, making me restart the service on that port for it to work again. And any clue on the speed slow downs? The speed issue only started after I installed the firewall, and even after uninstalling APF speed is still a little screwy. I also flushed my iptables so Im thinking it may just be my server. However any help would be greatly appreciated. Thank you



-h4x0r-

bump?