Firewalling a ppp client under Mandrake 9.2
Using one computer, running Mandrake 9.2, with a ppp (dial-up) connection:
I had installed the guarddog firewall from an rpm, but recently removed it to try the firewall script I found at www dot malibyte dot net/iptables/scripts/fwscripts dot html.
I modified the conf file, and followed the instructions for starting up the firewall. Since I ran "/sbin/chkconfig --level 345 firewall.iptables on", I expect the firewall is running even if I've since rebooted.
PROBLEM 1: How can I test this? I'm worried because I didn't specify a way for my amule client to get through the firewall, but the program seems to work fine. Could I be unprotected? Could a different firewall - other than the script - be running? I know something has changed, because I can now use nmap to scan a friend's machine when under guarddog I could not.
PROBLEM 2: I tried a portscan courtesy of www dot grc dot com. It shows good results, as if all my ports are dropping all incoming packets. Why then does "nmap 127.0.0.1" tell me that ports 6000 (X) and 1720 (H323) are open? How do I close port 1720 if I don't want to use it?
PROBLEM 3: I've tried calling "/etc/rc.d/init.d/firewall.iptables start" when connected to the net (through ppp0). No errors are indicated, but this wrecks everything. For instance, Mozilla claims to be resolving websites, but they never open. Have I called the program a second time, or is firewall.iptables not my active firewall at all? How can I check?
PROBLEM 4: The firewalls.conf.iptables-generic file (see website in paragraph one) asks for an internal interface. I've commented this out, because I have no LAN behind the first Linux machine. Should there be something (i.e. 'lo') here?
Basically, I have a long ways to go before understanding firewalling, and material on the net seems aimed at firewalling a home LAN, not protecting a single machine (one that is both firewall and client). Any help/feedback will be appreciated. Thanks in advance.