LinuxQuestions.org
Old 07-10-2002, 06:12 PM   #1
safra
LQ Newbie
 
Registered: Jul 2002
Posts: 27

Rep: Reputation: 15
Red Hat 7.3 firewall settings?


Hi,

I installed Red Hat 7.3 last week and remember that I went through security settings. I chose medium security and allowed html, ftp. I also remember that I was able to enter port numbers, which I didn't do.

At the moment I am experimenting with a perl socket server. Locally everything works fine but I can not get access to the socket server from a remote system. I do get access to the html page with the embedded multi user application.

I think this has to do with a security issue.

My question is: how can I get access to the firewall settings and allow traffic on the port I am using?

I can't find anything about the firewall in KDE.

Thanks,
Ron
 
Old 07-10-2002, 06:40 PM   #2
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Rep: Reputation: 56
You should take a look at iptables http://www.telematik.informatik.uni-...les-HOWTO.html
 
Old 07-11-2002, 05:26 AM   #3
safra
LQ Newbie
 
Registered: Jul 2002
Posts: 27

Original Poster
Rep: Reputation: 15
hmmm... I am kinda lost now

I had a look at that page and tried to find more information about iptables and ipchains with examples of how to create a chain for what I need. Didn't find it so far.

Meanwhile I found the firewall configuration settings in KDE (system > firewall configuration).

If I go to the tab OPTIONS, "All" is selected for ICMP and the default policies for INPUT, FORWARD and OUTPUT are all set to ACCEPT.

Does this mean traffic is allowed on all ports and the problem I am having is caused by something else???

I tried to add a new rule to the configuration with the source and destination port set to the one I am using and the protocol set to TCP but it didn't allow me to leave the source IP and destination IP open (access for all users). The manual said to use * for this, although this worked for src device and dst device not for both ip's???

To eliminate possible causes of the problem, is there a simple way to test if traffic is accepted from the port I am using?

What is the code to add a chain saying that traffic from port x is accepted from all users in all directions (INPUT FORWARD OUTPUT)?

Thanks,
Ron
 
Old 07-11-2002, 10:57 PM   #4
taz.devil
Senior Member
 
Registered: Nov 2001
Location: Wa. State
Distribution: Slackware
Posts: 1,261

Rep: Reputation: 45
If you have the BIND-utils installed (probably do) you can nmap yourself to see what is showing up open/closed or nothing at all...a common nmap might be:

nmap -sS -O localhost (or use the IP you get/got from yer ISP)

Also, firestarter is a nice little program for creating firewall rules and so forth with a little more ease.
 
Old 07-12-2002, 05:46 AM   #5
safra
LQ Newbie
 
Registered: Jul 2002
Posts: 27

Original Poster
Rep: Reputation: 15
Thanks for the help:

I tried:

nmap -sS -O localhost

This returned around 8 lines with ports that are open and the line:

"The 1548 ports scanned but not shown are in state:closed"

The port I use was not in the list so apparently this port is closed.

Next thing I tried was installing firestarter to open this port, I followed the instructions. This seemed to be all well, except for finding where it is located and starting it.

"find / -name httpd -print" returns
/usr/bin/firestarter

but it can't be executed, the properties of the file say "Link to unknown"

Tried to install it once more (didn't uninstall first); this process went a lot quicker, but with the same result.

Does anyone know what might have gone wrong and what I have to do to fix this?

Ron
 
Old 07-12-2002, 05:58 AM   #6
safra
LQ Newbie
 
Registered: Jul 2002
Posts: 27

Original Poster
Rep: Reputation: 15
hang on!

just found firestarter in the start menu programs>internet

let's see if I get this to work now.

Urgh.......still don't understand why my attempt to find it through the command line didn't work??
 
Old 07-12-2002, 06:27 AM   #7
safra
LQ Newbie
 
Registered: Jul 2002
Posts: 27

Original Poster
Rep: Reputation: 15
hmmm,

Can't figure out how to open a specific port in firestarter. The only way must be somewhere in the firestarter firewall wizard when choosing advanced setup. But where? Is it at ToS filtering? Still no way to specify a port number!

Could anyone please direct me on how to open a port number?

Ron
 
Old 07-12-2002, 01:26 PM   #8
taz.devil
Senior Member
 
Registered: Nov 2001
Location: Wa. State
Distribution: Slackware
Posts: 1,261

Rep: Reputation: 45
You can manually do it by editing /usr/etc/firestarter/firewall.sh

Also, you will see the allow-all file, in which you can add the ports more easily. Likewise the deny-all and others.

Last edited by taz.devil; 07-12-2002 at 01:27 PM.
 
Old 07-12-2002, 02:24 PM   #9
safra
LQ Newbie
 
Registered: Jul 2002
Posts: 27

Original Poster
Rep: Reputation: 15
I found the files, but as I am a newbie I have no idea what to change or add. I went carefully through the file firewall.sh but I didn't find anything on opening ports. The file allow-all is empty except line one (#!/bin/sh).

What should I add to this script to open all tcp traffic on for example port 10000?

Ron
 
Old 10-29-2002, 03:48 PM   #10
The Jesus
Member
 
Registered: Mar 2002
Location: Cleveland, Ohio
Distribution: Ubuntu, Gentoo, Fedora Core 5, FreeBSD
Posts: 50

Rep: Reputation: 15
To test to see if it is actually a firewall problem you should type "service ipchains stop" at a terminal. This will set all the firewall default rules to accept. If that works then you have a firewall problem for sure.
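
Added example, not part of any post in this thread: a small Python check for the question raised above (is traffic to a given TCP port accepted?), meant to be run once on the server itself and once from the remote machine. Port 10000 is the example port from the thread; the function names `probe_tcp` and `diagnose` are assumptions made for illustration.

```python
import errno
import socket
import sys


def probe_tcp(host, port, timeout=3.0):
    """Classify one TCP connect attempt as 'open', 'closed' or 'filtered'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"        # handshake completed: a listener is reachable
    except ConnectionRefusedError:
        return "closed"      # the host answered with a refusal
    except socket.timeout:
        return "filtered"    # no answer at all: packets silently dropped
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    finally:
        sock.close()


def diagnose(local_result, remote_result):
    """Combine a probe run on the server with one run from a remote machine."""
    if local_result != "open":
        return "service is not listening on that address and port; fix that first"
    if remote_result == "open":
        return "port is reachable remotely; the firewall is not the problem"
    if remote_result == "filtered":
        return "packets are dropped on the way: look for a DENY/DROP firewall rule"
    return "refused remotely: a REJECT rule, or the service listens on 127.0.0.1 only"


if __name__ == "__main__":
    # Usage: python probe.py HOST PORT  (defaults: 127.0.0.1 and the thread's port 10000)
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 10000
    print(host, port, probe_tcp(host, port))
```

Comparing the two results separates "nothing is listening" from "a firewall rule is in the way" without having to switch the firewall off.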
 
Old 11-08-2002, 10:43 AM   #11
avocado
LQ Newbie
 
Registered: Nov 2002
Posts: 1

Rep: Reputation: 0
I'm having the same problem...all I want to do is allow my firewall to accept ssh connections. sshd is running already. All I need to do is change that firewall setting... any help here?
 
  

