Blocking IPs with APF Firewall

A) /etc/apf/apf -d IP Reason
–> The -d flag means DENY the IP address
–> IP is the IP address you wish to block
–> Reason is comments to why the IP is being blocked

Example:

./apf -d 267.14.188.1 TESTING

vi /etc/apf/deny_hosts.rules

Shows the following:

# added 267.14.188.1 on 08/23/05 01:25:55
# TESTING
267.14.188.1

B) pico /etc/apf/deny_hosts.rules

You can then just add a new line and enter the IP you wish to block. Before this becomes active though you’ll need to reload the APF ruleset.

/etc/apf/apf -r