APF firewall AND ISPCP_NETWORK problems

[prale]

Hello, I use APF firewall with DDOS Deflate.
They say it the best out there, but I have a little conflict with ISPCP_NETWORK.

The stats, rootkithunter etc wont work after 06.00u every day.
I have to restart ISPCP_NETWORK to get them working again.

I found out that if I do:
/etc/init.d/apf restart
It flushes all iptables, and ispcp_network doesn't recreate them.

So I checked the cron for APF:
*/10 * * * * root /etc/apf/apf --refresh >> /dev/null 2>&1 &

I don't know if this is the right cronjob (I can't see a relation to 06:00u), but I want to try restart ISPCP_NETWORK after this line.

I'm a noob with cron, can someone tell me how I can add this command?

Thanks!

[prale]

Hmmmz this cron runs every 10minutes, and is generated from the apf config.
So I can't edit it manually since it's overwritten every time. APF restarts.

I also found this in the config:

# The fast load feature makes use of the iptables-save/restore facilities to do
# a snapshot save of the current firewall rules on an APF stop then when APF is
# instructed to start again it will restore the snapshot. This feature allows
# APF to load hundreds of rules back into the firewall without the need to
# regenerate every firewall entry.
# Note: a) if system uptime is below 5 minutes, the snapshot is expired
# b) if snapshot age exceeds 12 hours, the snapshot is expired
# c) if conf or a .rule has changed since last load, snapshot is expired
# d) if it is your first run of APF since install, snapshot is generated
# - an expired snapshot means APF will do a full start rule-by-rule
SET_FASTLOAD="0"

But if I enable this, the snapshot can still expire.

Another possibility is to edit ISPCP_NETWORK to check for the needed IPTABLES.
If not, it must only restart once.

Any ideas?

Thanx again.

[prale]

Nobody?