LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-22-2004, 11:39 PM   #31
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46

Ah, on ppp you may have to redial for the changes to take effect! Not sure.
 
Old 08-22-2004, 11:42 PM   #32
unixfreak
Member
 
Registered: Jul 2004
Distribution: Linux 2.4.21-0.13mdk, W2K
Posts: 412

Original Poster
Rep: Reputation: 30
I went to DrakFirewall and I unticked CUP and everything is unticked. I clicked OK and no additional prompt like PPP popped up. I clicked OK and thats it. When I went there again to check CUPS was still checked.

Or, are you talking about the Services Lists?
 
Old 08-23-2004, 12:00 AM   #33
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46
Nope. I'm talking about drakfirewall. Your's appears broken somehow It works here.

if you go to a term and as root type

/etc/init.d/shorewall status

what do you get (if anything)
 
Old 08-23-2004, 12:08 AM   #34
unixfreak
Member
 
Registered: Jul 2004
Distribution: Linux 2.4.21-0.13mdk, W2K
Posts: 412

Original Poster
Rep: Reputation: 30
No such file or directory.

If I need to download a firewall whaich one do you recommend thats not hard to install or configure?

In yours, what did you do to make yours work? Or, maybe I have to pop in the CD3 and install Shorewall.
 
Old 08-23-2004, 12:28 AM   #35
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46
Most linux firewalls tend to be iptables scripts and I have found shorewall to be okay. I'm using it now as a second layer firewall behind the smoothwall box.

try installing it separately and see how you go, but I don't understand why the wizrd isn't working on your end. Do you have the box set on standard security (not that I know that would make any difference).

It was no trouble here. I installed and did the initial shorewall setup here with the wizard.

After that I just edit the

/etc/shorewall/rules

file, and others, to set it up like I want... ie the internal firewall needs a lot of open ports for nfs and smb file transfers and P2P and such... Then I run

/etc/init.d/shorewall restart

to update the rules... I've had it working here on a few versions on mandrake from 9.x to 10... I'm at a loss why it doesn't work there...

There are other scripts to try, like firestarter, but I don't know much about that...
 
Old 08-23-2004, 12:41 AM   #36
unixfreak
Member
 
Registered: Jul 2004
Distribution: Linux 2.4.21-0.13mdk, W2K
Posts: 412

Original Poster
Rep: Reputation: 30
Under DrakSec, its set to 'High'

Now, how do I install Shorewall? Please explain. I cant let my system hang out like this. This does not look good.
 
Old 08-23-2004, 12:46 AM   #37
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46
urpmi shorewall

in a term as root user should do it... Ohter wise go to known disk and use rpm -i
 
Old 08-23-2004, 12:56 AM   #38
unixfreak
Member
 
Registered: Jul 2004
Distribution: Linux 2.4.21-0.13mdk, W2K
Posts: 412

Original Poster
Rep: Reputation: 30
Ok I got it.

It ask me to install CD-1 and I installed Shorewall.

I did the command:

/etc/init.d/shorewall

here are the results. What should I do???

start | restart | and stuff like that.

And typed start, and it said "command not found"

Maybe I typed the something wrong. Please tell me what to do from here.

I just did the command "urpmi shorewall" and the results were Already Installed

Last edited by unixfreak; 08-23-2004 at 01:00 AM.
 
Old 08-23-2004, 01:04 AM   #39
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46
You could try the drakfirewall config again and see if it works now.

/etc/init.d/shorewall start

may work, but the config files probably are not set right. Running drakfirewall should set them for you hopefully.
 
Old 08-23-2004, 01:07 AM   #40
unixfreak
Member
 
Registered: Jul 2004
Distribution: Linux 2.4.21-0.13mdk, W2K
Posts: 412

Original Poster
Rep: Reputation: 30
Ok, From the Services List I located Shorewall. (Finally).

But PROBLEM!!!!. When I selected Shorewall to be Running my my webpages do not pop up. I could connect using KPPP but my homepage webpages will not show.

Now I selected it to Stop and they work fine.

What do I need to configure here.???

And under DrakSec I selected HIGH.
 
Old 08-23-2004, 01:14 AM   #41
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46
Under draksec I would use standard for the moment at least til you get the firewall working.

You will have to go through the drakfirewall wizard again to makesure the firewall is set up correctly, or edit the firewall rules directly - which can be hard for ppp.
 
Old 08-23-2004, 01:26 AM   #42
unixfreak
Member
 
Registered: Jul 2004
Distribution: Linux 2.4.21-0.13mdk, W2K
Posts: 412

Original Poster
Rep: Reputation: 30
Im confused.

How could I get the firewall working when I can't view webpages. So do you mean set it to Standard so I could view webpages?

Also, where could I configure the iptables for this firewall?

Im only using the computer for standard Internet and Email, thats it.

So how could I configure the Shorewall?
 
Old 08-23-2004, 01:31 AM   #43
unixfreak
Member
 
Registered: Jul 2004
Distribution: Linux 2.4.21-0.13mdk, W2K
Posts: 412

Original Poster
Rep: Reputation: 30
I set it to Standard in DrakSec.

Then I set Shorewall to be running. I still could not view webpages.

Where do I go and edit the rules. Thats what Im trying to figure out.

Last edited by unixfreak; 08-23-2004 at 01:32 AM.
 
Old 08-23-2004, 01:39 AM   #44
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46
you configure shorewall by running the drakfirewall wizard. Have you tried that again since you got shorewall installed with urpmi?

You can configure it by hand, but it's harder. You would need something like
net ppp0 detect
in your
/etc/shorewall/interfaces
file and lines like
ACCEPT net fw udp 111,137,138,139,631 -
ACCEPT net fw tcp 22,111,137,138,139,631 -
in your
/etc/shorewall/rules
file and you may need to check the policy and zones files and it's generally a bit technical... The general policy would be to drop packets and then you set ports to accept in the rules file...

Would be easier if you could get DRAKFIREWALL to do the setup for you
 
Old 08-23-2004, 01:40 AM   #45
amosf
Senior Member
 
Registered: Jun 2004
Location: Australia
Distribution: Mandriva/Slack - KDE
Posts: 1,672

Rep: Reputation: 46
Just note they were my type settings and you probably would not want to leave the smb ports open to the net... I have an extra firewall layer here so I can do that...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Is Mandrake vulnerable to viruses, worms, and spyware? wardialer Linux - Security 5 10-06-2004 12:59 AM
Viruses nick_krym Linux - Newbie 6 04-02-2004 09:00 AM
Viruses teyesahr Linux - Newbie 2 09-09-2003 12:55 PM
viruses nautilus_1987 Linux - General 5 10-05-2002 12:30 AM
Viruses? Will Linux - Security 2 11-08-2001 01:04 AM


All times are GMT -5. The time now is 10:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration