While working with APF on servers, you might normally get to see the following error,
#apf -r
apf(2042): {glob} flushing & zeroing chain policies
apf(2042): {glob} firewall offline
apf(3179): {glob} activating firewall
apf(3284): {glob} unable to load iptables module (ip_tables), aborting.
apf(3179): {glob} firewall initalized
apf(3179): {glob} fast load snapshot saved
Your kernel is compiled with iptables statically instead of as a module, to resolve this you will need to change a small configuration in /etc/apf/conf.apf
SET_MONOKERN=”0″ Set it to “1″
Once this is done, restart apf to see the error vanishing.
SET_MONOKERN # This allows the firewall to work around modular kernel issues by assuming # that the system has all required firewall modules compiled directly into # kernel. This mode of operation is not generally recommended but can be used # scale APF to unique situations.
Comments