LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Setting up MDK 9.2 Firewall (https://www.linuxquestions.org/questions/linux-newbie-8/setting-up-mdk-9-2-firewall-131017/)

raysr 01-02-2004 09:27 PM
Setting up MDK 9.2 Firewall
 
I can't seem to get MDK's built-in firewall set up so that Opera AND Konquerer can access the web. When I set it up with no boxes checked like in the instructions it won't let the browsers connect. I've tried it every which way and no luck. What's the secret?:newbie:

axlotl 01-03-2004 01:56 AM
This is kind of vague; I assume you are talking about shorewall, the iptables "front-end"? What's your connection (direct to internet/ through LAN, etc)? Anyway, the browser's in the way, diagnostics-wise.

ping (yourself, local to LAN, to gateway, to external address)

To turn it off, if it is shorewall, go to /etc/init.d and:
./shorewall clear
(I think) to shut down the firewall (just stopping it drops all outside connections).
./shorewall start
back on.

Turn it off, turn it on, ping here, ping there, figure out where and why the connection is blocked.

and...

1) post more detail, or,
2) man iptables

ugob 01-03-2004 08:28 AM
raysr, please explain you setup. is your mandrake box a gateway or a standalone machine?

The more time you explain, the less it takes for us to give you a solution.

raysr 01-04-2004 12:26 PM
Standalone box. It's the firewall that is integrated in MDK, I don't know what the name of it is. The set-up instructions say to leave all boxes unchecked but it doesn't work that way. It has "Web server, pop and Imap server, domain name server, SSH, FTP, mail server and Everything (no firewall)". I also has advanced to enter ports.:newbie:

ugob 01-04-2004 10:30 PM
and what do you want to do with your machine? just brose the internet? just leave everything unchecked, so that you drop any incoming connection.

raysr 01-05-2004 09:00 AM
That's the problem I have, I leave everything unchecked and it won't let the browsers hook up.

ugob 01-05-2004 09:02 AM
and if you check them all, it passes?

raysr 01-05-2004 09:47 AM
It has a box "Everything, no firewall" that's the only way it will work. The instructions say to leave everything unchecked but no go.

ugob 01-05-2004 09:52 AM
hmmm, I don't use mandrake so I can't help you more here...

have you checked the errata? are all your packages up to date?

raysr 01-05-2004 09:59 AM
Yes as far as I know. Oh well....

raysr 01-05-2004 01:31 PM
I tried using ports "80/tcp and 80 upd" but it still won't work. What ports are the web browsers using? I looked in etc/services and found http and www, they were 80's.

ugob 01-05-2004 01:43 PM
There must be a bug somewhere, because this firewall is usually blocking only incoming connexions, not outgoing.

port for http is 80, yes

axlotl 01-05-2004 07:16 PM
"t has "Web server, pop and Imap server, domain name server, SSH, FTP, mail server and Everything (no firewall)".

If that's Mandrake, then what we have here is shorewall, as I mentioned before. It is a configuration tool for Netfilter/iptables.

You ask: "What's the secret?" The secret is this: the only way you are going to get that thing configured is to go to those websites and read. The guy who made shorewall is something of an open-source software rarity: an exhaustive documentor, and his website is quite thorough. You are probably not going to get what you need by checking boxes, though, because linux firewalling is still kinda nuts and bolts; it's just about imposible to use without getting your hands rather dirty at the CLI.

Well, if you must, is this a kinda standard default recent Mandrake distro? Yes? ok. Open your browser, type https://127.0.0.1:10000 in the address bar, and see if you can make it work by clicking around in there. God knows it's helped me once in a while.

raysr 01-05-2004 07:46 PM
Thanks for the replies! Downloaded "guarddog" and it works great! Checked on pcflank.


All times are GMT -5. The time now is 10:37 PM.