Question about APF /etc/apf/deny_hosts.rules list file

Posted: 2016/04/04 22:45:24
by ZXH
Hello,

I've been running APF for years with good success. One of my APF instances is running on CentOS 5.11. I have a question about the /etc/apf/deny_hosts.rules list file. I'm guessing the behavior I'm about to describe is by design but I want to make sure that something else strange isn't going on. What happened is after I added some additional lines today to said deny hosts rules list file and then restarted APF to incorporate those additional rules, the entire commented area in the file (containing the examples, etc.) was suddenly gone. All that was left were the IPs/ranges to be blocked.

So is it by design that when the list of rules within this deny hosts rules file reaches a certain length (perhaps 50 lines or so) the commented area is automatically purged? I actually tried adding that upper commented section back from another APF installation on another server, but when I executed apf -r the commented lines were gone again. It's really no big thing... unless of course it's not supposed to do that. I currently have 51 lines in the mentioned file. I can try removing lines, one-by-one, and adding the upper commented section back just to see what happens and at which point. But I wanted to ask here if anyone has knowledge of this apparent auto-truncation first.

Thanks in advance for any thoughts or comments.

Re: Question about APF /etc/apf/deny_hosts.rules list file

Posted: 2016/04/05 01:23:06
by TrevorH
This "APF" is not a CentOS supplied package. You'd have to ask the authors/maintainers.

Re: Question about APF /etc/apf/deny_hosts.rules list file

Posted: 2016/04/05 03:55:41
by ZXH
Duly noted, and I am aware of that fact, Trevor. It's just that if one searches for instances of "APF" among this CentOS community message board they will receive many returns of comments and discussions relating to APF. For this reason I thought that if my scenario were a commonly encountered behavior by APF users that someone may reply back and say so. Nonetheless, thanks for your reply :)