LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-04-2006, 11:04 AM   #1
studioq
Member
 
Registered: Sep 2006
Posts: 42

Rep: Reputation: 15
Firewall woes.. Newbie trying to figure it out.


Quick question for anyone who knows. This is the response I get when issuing "ps x" after installing a firewall. Are all of the prcesses with question marks ones that are blocked by that fire wall? I never saw this before I started up the rc.firewall file.



Code:
PID TTY      STAT   TIME COMMAND
    1 ?        S      0:04 init [3]
    2 ?        S      0:00 [keventd]
    3 ?        SN     0:00 [ksoftirqd_CPU0]
    4 ?        S      0:00 [kswapd]
    5 ?        S      0:00 [bdflush]
    6 ?        S      0:00 [kupdated]
   10 ?        S<     0:00 [mdrecoveryd]
   11 ?        S      0:00 [kreiserfsd]
   62 ?        Ss     0:00 /usr/sbin/syslogd
   65 ?        Ss     0:00 /usr/sbin/klogd -c 3 -x
  163 ?        S<s    0:00 udevd
  246 ?        S      0:00 [khubd]
 1430 ?        Ss     0:00 /usr/sbin/inetd
 1434 ?        Ss     0:00 /usr/sbin/sshd
 1438 ?        Ss     0:00 /usr/sbin/named
 1456 ?        Ss     0:00 /usr/sbin/cupsd
 1470 ?        S      0:00 /usr/sbin/crond -l10
 1475 ?        Ss     0:00 /usr/sbin/saslauthd -a shadow
 1476 ?        S      0:00 /usr/sbin/saslauthd -a shadow
 1477 ?        S      0:00 /usr/sbin/saslauthd -a shadow
 1478 ?        S      0:00 /usr/sbin/saslauthd -a shadow
 1479 ?        S      0:00 /usr/sbin/saslauthd -a shadow
 1528 ?        Ss     0:00 /usr/sbin/httpd
 1530 ?        Ss     0:00 /usr/sbin/gpm -m /dev/mouse -t ps2
 1532 tty1     Ss     0:00 -bash
 1533 tty2     Ss+    0:00 /sbin/agetty 38400 tty2 linux
 1534 tty3     Ss+    0:00 /sbin/agetty 38400 tty3 linux
 1535 tty4     Ss+    0:00 /sbin/agetty 38400 tty4 linux
 1536 tty5     Ss+    0:00 /sbin/agetty 38400 tty5 linux
 1537 tty6     Ss+    0:00 /sbin/agetty 38400 tty6 linux
 1577 tty1     S+     0:00 /bin/sh /usr/X11R6/bin/startx
 1588 tty1     S+     0:00 xinit /root/.xinitrc --
 1589 ?        R<     0:35 X :0
 1593 tty1     S      0:00 sh /root/.xinitrc
 1594 tty1     S      0:00 /bin/sh /opt/kde/bin/startkde
 1619 ?        Ss     0:00 kdeinit Running...
 1622 ?        S      0:00 kdeinit: dcopserver --nosid
 1624 ?        S      0:00 kdeinit: klauncher
 1627 ?        S      0:00 kdeinit: kded
 1633 ?        S      0:00 kdeinit: kded
 1634 ?        S      0:00 kdeinit: kded
 1638 ?        S      0:00 artsd -F 10 -S 4096 -s 60 -m artsmessage -c drkonqi -l 3 -f
 1640 ?        S      0:00 kdeinit: kaccess
 1641 tty1     S      0:00 kwrapper ksmserver
 1643 ?        S      0:00 kdeinit: ksmserver
 1644 ?        S      0:00 kdeinit: kwin -session 1014cd7d2d4000115938571500000016170000_
 1657 ?        S      0:01 kdeinit: kdesktop
 1661 ?        S      0:00 kdeinit: kicker
 1663 ?        S      0:00 kdeinit: klipper
 1696 ?        S      0:00 korgac --miniicon korganizer
 1702 ?        S      0:00 kdeinit: knotify
 1703 ?        S      0:00 artsd -F 10 -S 4096 -s 60 -m artsmessage -c drkonqi -l 3 -f
 1705 ?        S      0:00 kdeinit: kio_file file /tmp/ksocket-root/klauncherc9eP0b.slave
 1707 ?        S      0:05 kdeinit: konqueror --silent
 1712 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1714 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1718 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1725 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1730 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1731 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1732 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1734 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1735 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1738 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1739 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1750 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1754 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1761 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1762 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1764 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1767 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1782 ?        S      0:00 kdeinit: kio_http http /tmp/ksocket-root/klauncherc9eP0b.slave
 1789 ?        S      0:00 kdeinit: konsole --ls
 1790 pts/1    Ss     0:00 -bash
 1804 pts/1    R+     0:00 ps x
Thanks.
 
Old 10-04-2006, 12:46 PM   #2
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
No no no. The ?-marks are in the "tty" column, as you see, and that means basically that they were not started in any specific tty (i.e. by you on a graphical tty), but are more likely somekind of system processes not started by yourself.

rc.firewall is, as far as I can guess, a script that generates rules for the Linux iptables firewall, which does not prevent apps from doing this or that (like Zonealarm, for example), but which decides whether certain packets from certain addresses or ports (or captured by some other "general" rules) are accepted, rejected or dropped. Read more:
Code:
man iptables
it's pretty different from any Windows firewall, really - and it's effective if you learn to use it. You can use programs like Firestarter to configure iptables, but the most powerful way (in my own opinion) is to use a firewall script like rc.firewall, which is just run at bootup and merely adds the iptables rules (check the file out; you'll find out how it works -- it's at the same time simple and clever).

About these ttys: for example you see this line:
Quote:
1535 tty4 Ss+ 0:00 /sbin/agetty 38400 tty4 linux
it tells that on tty4 (a text console, you'll see it pressing ctrl+alt+f4 and get back by ctrl+alt+f7) there is agetty running; a program that waits for somebody to log in. Every "working" tty has somekind of app like that running, but the point here was that you'll see it's running on tty4 (and it's process id is 1535). Those processes that have no tty (have ? in place of the tty) are simply processes that are not started in any specific tty.

Usually tty1-6 are text-logins (console) and 7-12 are reserved for graphical ones, but usually only 7 is in use (unless you're running multiple Xs).

I hope you got something out of this..I advice you to read documentation about how Linux and Unix works, and about what a multiuser system means -- it means that multiple persons can use the same pc at the same time; basically it happens so that they log in via different ttys, either locally or not.

Last edited by b0uncer; 10-04-2006 at 12:47 PM.
 
Old 10-04-2006, 02:32 PM   #3
studioq
Member
 
Registered: Sep 2006
Posts: 42

Original Poster
Rep: Reputation: 15
Trust me, I've been reading everyday now for 2 weeks straight.. I wish I had started this several years ago, but I just happened upon it. I had Ubuntu and a Slacker came by and told me to forget about it and go with Slack. I changed and have been exceptionally happy I did.. There are so many things to learn and I am learning most of them out of order.

One thing I do know is that if I dont understand it - leave it alone..
I have to ask questions like the one above because I didn't know what it was related to.. Now I do..

The firewall script is in and seems to be working. I just think it is working a little too good.. Now many many things are no longer accessible from the net.. I figured I would put the firewall in so I could learn what it was doing and why, before I tried to make it do what I wanted it to do.. Just my silly way of learning I guess. I just know that I wanted to code it by hand rather that try to use an app to do it. The app does it for me and I dont learn a thing. Not my reason for getting into this.
Thanks.
 
Old 10-05-2006, 01:18 AM   #4
manwichmakesameal
Member
 
Registered: Aug 2006
Distribution: Slackware
Posts: 804

Rep: Reputation: 109Reputation: 109
Try using something like guarddog to set up your firewall, it will create the rc.firewall script. Then you can go through the script and change it to your will or just read through it to see what does what.
 
Old 10-05-2006, 10:06 PM   #5
studioq
Member
 
Registered: Sep 2006
Posts: 42

Original Poster
Rep: Reputation: 15
This was actually my solution to the above issues...
http://www.linuxquestions.org/questi...ht=firestarter
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What is a good webpage design program, that a newbie could figure out? suseforge Linux - Software 9 02-01-2006 03:40 PM
Newbie cant figure out BitTorrent d_GeNeRiT Fedora 4 01-26-2006 10:48 PM
I'm a NEWBIE Can't figure this out!!!! swagdogpsu69 Linux - Software 16 09-23-2003 12:39 AM
half life server? Total Newbie Can't figure out bin files Facekhan Linux - Newbie 7 08-20-2003 11:45 AM
firewall woes... prodigius Linux - Security 2 10-28-2001 11:29 AM


All times are GMT -5. The time now is 02:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration