LinuxQuestions.org
Old 11-29-2011, 04:06 PM   #1
rfrusher
LQ Newbie
 
Registered: Oct 2011
Location: Texas
Posts: 14

SUSE


Can someone point me in the right direction for documentation on setting up a firewall?
Thanks
Ron
 
Old 11-29-2011, 04:18 PM   #2
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,577
Blog Entries: 14

The main firewall tool for most Linux flavors is called iptables.

Doing a quick search for Suse and iptables yielded many hits including this one that looks promising:
http://www.novell.com/communities/no...ables-tutorial
 
Old 11-29-2011, 04:20 PM   #3
spiky0011
Senior Member
 
Registered: Jan 2011
Location: PLANET-SPIKE
Distribution: /LFS/Centos6.3/Debian
Posts: 2,126
Blog Entries: 1

A better heading might be "I need help with setting up a firewall on Suse". Are you behind a router? If so, then that should have a built-in firewall.
 
0 members found this post helpful.
Old 11-29-2011, 05:14 PM   #4
rfrusher
LQ Newbie
 
Registered: Oct 2011
Location: Texas
Posts: 14

Original Poster
Suse Firewall

I apologize for not being clearer. I am learning about firewalls through Linux SUSE. I am looking for information on how to edit the hosts.allow and the hosts.deny files, and some examples. I have a Linux box that I am practicing with to see how it works.
Thanks
Ron
 
Old 11-30-2011, 08:18 AM   #5
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,052

Quote:
Originally Posted by rfrusher
I am looking for information on how to edit the hosts.allow and the hosts.deny file and some examples. I have a linux box that I am practicing with to see how it works.
Thanks
Ron
See 'man tcpd', but don't believe that this is the firewall.

'man iptables' would give you a decent introduction to the underlying 'iptables', but do note that SUSE (presumably openSUSE, not SLES/SLED) has its own firewall set-up system, within Yast. Now, this isn't normally a problem, as you just use Yast to set iptables up, but, if your objective is to get 'down and dirty' with the rules to understand iptables better, then it may not do what you want and it may get in the way, if you write your own iptables rulesets.
 
Old 11-30-2011, 09:29 AM   #6
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

You might want to install the opensuse-security_en-pdf package which covers things like libwrap and suseFirewall2.
Look at chapter 14: Masquerading and Firewall.

Also read "man 5 hosts_access" and "man tcpd" for information about hosts_allow and hosts_deny. Some services such as smbd (samba) let you configure access in their own config files as well.

SuSE's firewall also has a config file /etc/sysconfig/SuSEfirewall2 as well as scripts for each service in /etc/sysconfig/SuSEfirewall2.d/. Using openSuSE, you configure items in /etc/sysconfig/SuSEfirewall2 by setting variables, e.g. FW_SERVICES_DMZ_UDP="". When the firewall service starts, it sources the config files and uses the variables to create the iptables commands that are run.

You can still modify rules using the iptables command in your learning process. For example, suppose someone is banging on port 22.
Add your own rule, dropping packets coming from that IP address. Then check /var/log/messages to verify that the attack has stopped.

Also check out the System Administrators Guide (SAG guide). Install the "books" package, or download from the tldp.org website.

Last edited by jschiwal; 11-30-2011 at 09:49 AM.
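
Added example, not part of the original post: a shell sketch of the port 22 exercise described above, which counts failed SSH logins per source address in syslog-style lines and prints the matching iptables DROP rule. The log lines are constructed (documentation addresses), the threshold of 3 is an assumption, and the rules are printed for review rather than executed.

```shell
#!/bin/sh
# Constructed sample of sshd lines as they might appear in /var/log/messages.
# Addresses are taken from the documentation ranges, not from a real host.
sample_log() {
cat <<'EOF'
Nov 30 09:01:02 box sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Nov 30 09:01:05 box sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Nov 30 09:01:09 box sshd[2104]: Failed password for invalid user admin from 203.0.113.7 port 40188 ssh2
Nov 30 09:02:11 box sshd[2110]: Accepted password for ron from 192.0.2.10 port 51514 ssh2
Nov 30 09:03:40 box sshd[2119]: Failed password for ron from 192.0.2.10 port 51600 ssh2
Nov 30 09:04:01 box sshd[2125]: Failed password for invalid user test from 203.0.113.7 port 40301 ssh2
EOF
}

# Read log lines on stdin; print each source address that has at least $1
# failed password attempts, one per line, sorted.
noisy_sources() {
    awk -v t="$1" '
        /sshd\[[0-9]+\]: Failed password for / {
            # Scan from the end: the user name is chosen by the client and
            # could itself be "from", so only the last "from" is trusted.
            for (i = NF - 1; i >= 1; i--)
                if ($i == "from") { n[$(i + 1)]++; break }
        }
        END { for (ip in n) if (n[ip] >= t) print ip }' | sort
}

# Read addresses on stdin; print one iptables command per address.
drop_rules() {
    while read -r ip; do
        # Keep only digits and dots so log content cannot smuggle in options.
        case $ip in
            *[!0-9.]*|"") continue ;;
        esac
        echo "iptables -I INPUT -s $ip -p tcp --dport 22 -j DROP"
    done
}

sample_log | noisy_sources 3 | drop_rules
```

On a real system the input would be the sshd lines from /var/log/messages instead of `sample_log`; after inserting a rule as root, `iptables -L INPUT -n -v` shows its packet counter increasing while the failed logins stop appearing in the log.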
 
Old 11-30-2011, 10:29 AM   #7
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,577
Blog Entries: 14

hosts.allow and hosts.deny are for TCP wrappers, which is a separate security mechanism from iptables. There are multiple ways of doing security for different things. For hosts.allow and hosts.deny to work for a given application, it must be TCP wrapper aware.

This link is for Suse tcp wrappers:
http://linuxmafia.com/pub/linux/suse...chapter26.html
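
Added example, not part of the original post: a shell sketch of how a TCP wrapper decision is reached from hosts.allow and hosts.deny, following the search order in hosts_access(5). The rule sets are constructed, the function names are hypothetical, and only the `ALL`, `.domain`, `prefix.` and exact-match pattern forms are handled (no `EXCEPT`, netmasks or shell commands).

```shell
#!/bin/sh
# Constructed rule sets in hosts_access(5) syntax: "daemon_list : client_list".
ALLOW_RULES='# constructed hosts.allow
sshd : 192.168.1. , .example.org
vsftpd : 192.168.1.20'
DENY_RULES='# constructed hosts.deny
ALL : ALL'

# item_matches PATTERN VALUE: the pattern forms handled in this sketch.
item_matches() {
    case $1 in
        ALL) return 0 ;;
        .*)  case $2 in *"$1") return 0 ;; esac ;;   # .domain  -> host name suffix
        *.)  case $2 in "$1"*) return 0 ;; esac ;;   # 192.168. -> address prefix
        *)   [ "$1" = "$2" ] && return 0 ;;          # exact name or address
    esac
    return 1
}

# list_matches LIST VALUE: list items are separated by blanks and/or commas.
list_matches() {
    for item in $(printf '%s' "$1" | tr ',' ' '); do
        item_matches "$item" "$2" && return 0
    done
    return 1
}

# rules_match RULES DAEMON CLIENT: true if any rule line matches the pair.
rules_match() {
    printf '%s\n' "$1" | (
        while IFS=: read -r daemons clients rest; do
            case $daemons in '#'*|'') continue ;; esac
            if list_matches "$daemons" "$2" && list_matches "$clients" "$3"; then
                exit 0
            fi
        done
        exit 1
    )
}

# Search order: a match in hosts.allow grants access; otherwise a match in
# hosts.deny refuses it; with no match in either file access is granted.
decide() {
    if rules_match "$ALLOW_RULES" "$1" "$2"; then echo allow
    elif rules_match "$DENY_RULES" "$1" "$2"; then echo deny
    else echo allow
    fi
}

for c in 192.168.1.5 203.0.113.7; do echo "sshd $c -> $(decide sshd "$c")"; done
```

Because the final fallback is "allow", an empty hosts.deny lets every client through to a wrapper-aware service, which is why the constructed deny set is `ALL : ALL` with exceptions listed in hosts.allow.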
 
Old 12-01-2011, 06:56 AM   #8
rfrusher
LQ Newbie
 
Registered: Oct 2011
Location: Texas
Posts: 14

Original Poster
Thank you

This is some information that I can follow up with. Thank you.
I am trying to learn the hard bolts and nuts and not looking for the easy way through YAST.
 
All times are GMT -5.