LinuxQuestions.org

Linux - Networking: firewalling Debian Etch on my laptop (https://www.linuxquestions.org/questions/linux-networking-3/firewalling-debian-etch-on-my-laptop-600491/)

adityavpratap 11-17-2007 08:51 PM

firewalling Debian Etch on my laptop
 
Hi!

I am running Debian Etch on my laptop, which connects to the internet through an ADSL router over wireless network. I have installed firehol but when I test my firewall at sites like Shields Up, the port 80 is reported as open.

As my knowledge of firewalls is absolutely the minimum, I would very much like your suggestions as to how to close this port.

Thanking in advance,

phantom_cyph 11-17-2007 08:55 PM

Port 80 is what lets you connect to the internet, you don't want to close that. I think you may be able to change it, but 80 is the default HTTP port.

adityavpratap 11-18-2007 01:01 AM

So it is OK if I keep it open?

rickh 11-18-2007 01:20 AM

No, it's not OK, unless you're running an http server. Go ahead and close it then try to connect to the internet. I don't know how firehol is set up, but if the settings are "sane," you shouldn't have any problem.

adityavpratap 11-19-2007 08:57 AM

I can't seem to figure out how exactly one can close a particular port in firehol. Any suggestions?

geden 11-19-2007 09:10 PM

Create the file /etc/rcS.d/S99network
Copy the contents between the lines below into it (substitute your ethernet address for <outgoing interface ip>).
The bottom two lines allow external ssh connections; omit them if not desired, or install fail2ban to thwart uninvited login attempts.
This is assuming your interface is, of course, named eth0. If it is a wireless interface, the 3rd line should reflect whatever name your system has given the interface, i.e., ath0, wlan0... whatever...
-------------------------------------------------------------------------

#!/bin/bash

# Load the masquerading target module. Using the nat table below also needs
# the iptable_nat module (or built-in nat support) in the running kernel.
modprobe ipt_MASQUERADE
# Flush every existing rule in the filter, nat and mangle tables.
iptables -F; iptables -t nat -F; iptables -t mangle -F
# Rewrite the source address of traffic leaving eth0 to this host's address.
# <outgoing interface ip> must be an IP address, not an interface name.
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to <outgoing interface ip>
# Enable routing between interfaces (only needed when this host forwards for others).
echo 1 > /proc/sys/net/ipv4/ip_forward

# Accept inbound ssh and its replies; omit both lines if ssh access is not wanted.
# Note: no default DROP policy is set here, so other inbound ports stay as they were.
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT

------------------------------------------------------------------------
then do... #chmod 700 /etc/rcS.d/S99network ..as root
then do... #/etc/rcS.d/S99network


instant firewall...

and ..coincidentally..if you're communicating with an offsite website to check your firewall..of course it's going to report port 80 open..you're using it to run the test..
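As an added example (not geden's script and not part of the thread), here is a host-only variant for a laptop sitting behind a router: it first checks an `ss -lnt`-style listing for a real listener on a port, then emits stateful iptables rules that drop unsolicited inbound connections while leaving the browser's own outbound port-80 connections working. The function names and the sample listing are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): check for a local listener on a port,
# then generate host-only iptables rules that drop unsolicited inbound traffic.

# Constructed sample of `ss -lnt` style output, standing in for the real command.
SAMPLE_LISTENERS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:80         0.0.0.0:*
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*'

# Print every non-loopback socket listening on TCP port $1 in listing $2.
# Exit status 0 if at least one was found (a server really is answering),
# 1 otherwise (an "open" report then comes from something else, e.g. the router).
listening_on_port() {
    port="$1"; listing="$2"
    printf '%s\n' "$listing" | awk -v p="$port" '
        $1 == "LISTEN" {
            n = split($4, a, ":"); addr = a[1]; lp = a[n]
            if (lp == p && addr != "127.0.0.1" && addr != "::1") { print $4; found = 1 }
        }
        END { exit(found ? 0 : 1) }'
}

# Emit iptables commands for a laptop behind a router: no forwarding or SNAT,
# default DROP on INPUT, loopback and replies to our own connections allowed.
# Outbound browsing to port 80 still works through the ESTABLISHED rule;
# only unsolicited inbound connections (port 80 included) are dropped.
# Pass 1 as $1 to additionally accept inbound ssh.
firewall_rules() {
    allow_ssh="${1:-0}"
    cat <<'EOF'
iptables -F INPUT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
    if [ "$allow_ssh" = 1 ]; then
        echo 'iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT'
    fi
}

# Usage as root, after reviewing the output:  firewall_rules 1 | sh -e
if [ "$(listening_on_port 80 "$SAMPLE_LISTENERS")" ]; then
    echo "a local service is listening on port 80; stop it or keep the DROP policy" >&2
fi
```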

rickh 11-19-2007 09:28 PM

If that seems too complicated for your skill level, you might want to simply remove firehol altogether, and install Firestarter (Gnome) or Guarddog (KDE) instead. Either of those will set up by default to block the service ports (1-1024).

It's also possible, if you really don't know what you're doing, that you unwittingly installed an http server, and it's running, which is the reason firehol left the port open. If that's the case, you may want to run a more beginner-friendly distro that doesn't require as much post-installation configuration as Debian.

adityavpratap 11-20-2007 12:19 AM

geden >>
Thanks for your valuable suggestion; I tried it. But when I run S99network, I get the following error message:

FATAL: Module ipt_MASQUERADE not found.
iptables v1.3.6: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.3.6: Bad IP address `eth1'

Any suggestions?

rickh >>
Thanks for your suggestion. I have tried guarddog and firestarter without success. I am able to configure guarddog in my Ubuntu and Slackware 11 installs, without much problem. However I am unable to configure any firewall in Debian.

geden 02-29-2008 09:43 AM

Do 'modprobe ipt_MASQUERADE' prior to running the rc99network script; optionally make this the first line of the script.

adityavpratap 02-29-2008 12:30 PM

Thanks geden, but I am off Debian now. I am back to Slackware and dabbling with Sabayon, now a days!
