Setting up MDK 9.2 Firewall
I can't seem to get MDK's built-in firewall set up so that Opera AND Konquerer can access the web. When I set it up with no boxes checked like in the instructions it won't let the browsers connect. I've tried it every which way and no luck. What's the secret?:newbie:
|
This is kind of vague; I assume you are talking about shorewall, the iptables "front-end"? What's your connection (direct to internet/ through LAN, etc)? Anyway, the browser's in the way, diagnostics-wise.
ping (yourself, local to LAN, to gateway, to external address) To turn it off, if it is shorewall, go to /etc/init.d and: ./shorewall clear (I think) to shut down the firewall (just stopping it drops all outside connections). ./shorewall start back on. Turn it off, turn it on, ping here, ping there, figure out where and why the connection is blocked. and... 1) post more detail, or, 2) man iptables |
raysr, please explain you setup. is your mandrake box a gateway or a standalone machine?
The more time you explain, the less it takes for us to give you a solution. |
Standalone box. It's the firewall that is integrated in MDK, I don't know what the name of it is. The set-up instructions say to leave all boxes unchecked but it doesn't work that way. It has "Web server, pop and Imap server, domain name server, SSH, FTP, mail server and Everything (no firewall)". I also has advanced to enter ports.:newbie:
|
and what do you want to do with your machine? just brose the internet? just leave everything unchecked, so that you drop any incoming connection.
|
That's the problem I have, I leave everything unchecked and it won't let the browsers hook up.
|
and if you check them all, it passes?
|
It has a box "Everything, no firewall" that's the only way it will work. The instructions say to leave everything unchecked but no go.
|
hmmm, I don't use mandrake so I can't help you more here...
have you checked the errata? are all your packages up to date? |
Yes as far as I know. Oh well....
|
I tried using ports "80/tcp and 80 upd" but it still won't work. What ports are the web browsers using? I looked in etc/services and found http and www, they were 80's.
|
There must be a bug somewhere, because this firewall is usually blocking only incoming connexions, not outgoing.
port for http is 80, yes |
"t has "Web server, pop and Imap server, domain name server, SSH, FTP, mail server and Everything (no firewall)".
If that's Mandrake, then what we have here is shorewall, as I mentioned before. It is a configuration tool for Netfilter/iptables. You ask: "What's the secret?" The secret is this: the only way you are going to get that thing configured is to go to those websites and read. The guy who made shorewall is something of an open-source software rarity: an exhaustive documentor, and his website is quite thorough. You are probably not going to get what you need by checking boxes, though, because linux firewalling is still kinda nuts and bolts; it's just about imposible to use without getting your hands rather dirty at the CLI. Well, if you must, is this a kinda standard default recent Mandrake distro? Yes? ok. Open your browser, type https://127.0.0.1:10000 in the address bar, and see if you can make it work by clicking around in there. God knows it's helped me once in a while. |
Thanks for the replies! Downloaded "guarddog" and it works great! Checked on pcflank.
|
All times are GMT -5. The time now is 10:37 PM. |