apf -a 1.1.1.1
dengan demikian di /etc/apf/allow_hosts.rules akan terdapat:
# added 10.0.0.0/8 on 09/03/08 19:47:02 with comment:
1.1.1.1
setelah itu restart service apf dengan cara:
service apf restart
maka ip 1.1.1.1 akan selalu di allow
jika kita edit secara manual /etc/apf/allow_hosts.rules maka baris yang kita masukkan selalu akan dihapus lagi oleh apf secara otomatis, oleh karena itu harus pakai command spt di dokumen README.apf berikut:
4) General Usage:
The /usr/local/sbin/apf command has a number of options that will ease the
day-to-day use of your firewall. Here is a quick snap-shot of the options:
usage /usr/local/sbin/apf [OPTION]
-s|--start ......................... load the firewall rules
-r|--restart ....................... stop (flush) & reload firewall rules
-f|--stop .......................... stop (flush) all firewall rules
-l|--list .......................... list chain rules
-t|--status ........................ firewall status
-e|--refresh ....................... refresh & resolve dns names in trust rules
-a HOST CMT|--allow HOST COMMENT ... add host (IP/FQDN) to allow_hosts.rules and
immediately load new rule into firewall
-d HOST CMT|--deny HOST COMMENT .... add host (IP/FQDN) to deny_hosts.rules and
immediately load new rule into firewall
-u|--remove HOST ................... remove host from [glob_]deny_hosts.rules
and immediately remove rule from firewall
-o|--ovars ......................... output all configuration options
Tidak ada komentar:
Posting Komentar