While working with APF on servers, you might normally get to see the following error,
# apf -r
apf(2042): {glob} flushing & zeroing chain policies
apf(2042): {glob} firewall offline
apf(3179): {glob} activating firewall
apf(3284): {glob} unable to load iptables module (ip_tables), aborting.
apf(3179): {glob} firewall initalized
apf(3179): {glob} fast load snapshot saved
Your kernel is compiled with iptables statically instead of as a module, to resolve this you will need to change a small configuration in /etc/apf/conf.apf
SET_MONOKERN=”0″ Set it to “1″
Once this is done, restart apf to see the error vanishing.
SET_MONOKERN
# This allows the firewall to work around modular kernel issues by assuming
# that the system has all required firewall modules compiled directly into
# kernel. This mode of operation is not generally recommended but can be used
# scale APF to unique situations.