Advanced Policy Firewall


Server-based firewall. It detects malicious attempts to enter and reacts by temporarily blocking the offending IP. Repeated hits will ban the IP completely.

License model

  • Free
  • Open Source

Application type

Platforms

  • Linux: The APF package is designed to run on Linux-based operating systems that have an operational version of the iptables (netfilter) package installed. The iptables (netfilter) package is supported on Linux kernels 2.4 and above.

Features

  1.  Command line/bash
  2.  Firewall
  3.  Application Firewall

Advanced Policy Firewall information

  • Developed by

    R-FX Networks
  • Licensing

    Open Source and Free product.
  • Alternatives

    7 alternatives listed
  • Supported Languages

    • English

AlternativeTo Category

Security & Privacy

Our users have written 0 comments and reviews about Advanced Policy Firewall, and it has gotten 3 likes

Advanced Policy Firewall was added to AlternativeTo by 5ubstance on Aug 12, 2011 and this page was last updated Jul 4, 2019.

What is Advanced Policy Firewall?

Advanced Policy Firewall (APF) is an iptables (netfilter) based firewall system designed around the essential needs of today’s Linux servers. The configuration is designed to be very informative and easy to follow. Day-to-day management is conducted from the command line with the ‘apf’ command, which includes detailed usage information on all the features. On the technical side, APF utilizes the latest stable features from the iptables (netfilter) project to provide a very robust and powerful firewall. The filtering performed by APF is threefold:

  1. Static rule based policies (not to be confused with a “static firewall”)
  2. Connection based stateful policies
  3. Sanity based policies

The first, static rule based policies, is the most traditional method of firewalling. This is when the firewall has an unchanging set of instructions (rules) on how traffic should be handled in certain conditions. An example of a static rule based policy would be when you allow/deny an address access to the server with the trust system or open a new port with conf.apf. In short, these are rules that infrequently or never change while the firewall is running.

The second, connection based stateful policies, is a means to distinguish legitimate packets for different types of connections. Only packets matching a known connection will be allowed by the firewall; others will be rejected. An example of this would be FTP data transfers: in an older era of firewalling you would have to define a complex set of static policies to allow FTP data transfers to flow without a problem. That is not so with stateful policies: the firewall can see that an address has established a connection to port 21, then “relate” that address to the data transfer portion of the connection and dynamically alter the firewall to allow the traffic.

... and much much more. See site for further details.