iptables -F
iptables -Z
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

I installed this script and Copied/Pasted onto the rc.local file. And guess what?? IT WORKED under GRC.com ALL PORTS were stealthed.

So, Im going to install Guarddog maybe just for the heck of it .

Anyway, I saved the script on OpenOffice to use for future use whenever I install Linux on an other machine.

ftp://fr.rpmfind.net/linux/Mandrake/...-5mdk.i586.rpm

is one place to find a Mandrake version of the Guarddog rpm.

Don't believe anybody who says Linux is secure without a firewall. No operating system is secure against Internet intrusion without a firewall. Linux users haven't been attacked as much as Windows users because they're in a minority, because there's widespread contempt for Microsoft and its products, and, I will just about bet, because many, many of the attackers themselves use Linux. Not because they're evil (they're evil!) but because they're smart (unfortunately they're also smart).

To get the firewall settings so that you can be "stealthed" just don't open up anything you don't need to. I have nothing open under the "local" zone, and in the Internet zone I have http, https, ftp, enabled for file transfer; for mail I have pop3, smtp, and pop3s; under media I have RealPlayer enabled; under network I have enabled ping, traceroute, and dns; and under data serve I have enabled ntp. Your needs may be different. I also had to enable a high-numbered port to be able to administer a domain that I own--the customer service rep told me what one to open up.

That's all I have going. I test every now and then to make sure I'm stealthed. I was in bad shape a few days ago because I had a system failure that required reinstalling Guarddog and I forgot to do it right. But now it's OK again.

I would as soon not be on the Internet as to operate without a good firewall setup. I hope Guarddog works well for you, too.

jonr -

Thanks.

Error message when opening the Firewall:
Guarddog was unable to read the file at /etc/rc.firewall as being a Guarddog firewall.
This means that this file is in, is not a working Guarddog firewall.

By any means, if I cant get this to work, then I will be using the iptables script.

WEIRD!!!!! after I clicked on the OK button on the error message, it opened up Guarddog and the Apply and OK buttons under the Protocol Tab was not faded anymore.
Is it because that I was not running as 'su' or root??

This is a MUST for me to know. When the GuarDDog Firewall becomes functional, will I have to DELETE the Iptables Script from the ( rc.local ) directory???

I need to know this. Because the Iptables script seems to be working and stealthing all my ports. So (with opinions needed) is it really necessary to delete that script under rc.local???? Or use Guarddog without deleting the Script???

No, you don't need to do anything about the iptables script--in fact, that is what puts your firewall into operation. Guarddog isn't a firewall by itself, it just adjusts the iptables values according to your needs, by means of its graphic interface.

The error message when you first opened Guarddog only meant that as far as it could see, it hadn't been used yet. Not that anything was wrong. The same thing will probably happen again if you ever have to reinstall it, like after a major system upgrade. It's really not an error, just an alert that Guarddog sees you need to start from scratch configuring how it's set up.

What if I hadn't installed Guarddog and just used the iptables script what I Copied/Pasted into the rc.local file???

Would that make my computer secure? Because even before I installed Guarddog, my ports were stealth on the GRC website.

In other words, If I decide to delete Guarddog, and leave the Iptables Script code in the rc.local, will I be secure?? Or do I have to have Guarddog working beside it???

As long as your iptables remain the same, that's all that matters--you don't NEED Guarddog, it's just a tool. The iptables setup that came with my Mandrake 9.2 distro left a whole lot of ports merely closed or even open--and I don't have the knowledge to adjust iptables by hand, nor do I want to spend my remaining years (I'm 64 and counting) learning something so complicated--I have other things to do.

So that's why I got Guarddog. In a few minutes it accomplished what I might not have been able to do in months.

Once the tables are set up right, you certainly don't need Guarddog any longer. But I want to keep mine because sometimes I have to reinstall the OS (I'm too impatient to seek other solutions to some problems) and then I need to get the tables right again. Guarddog to the rescue!

The only thing I don't like about Guarddog is that it requires all those KDE resources--and I don't use KDE for anything else. So I have to have lots of otherwise unnecessary stuff on my machine. But it's worth it.

For me.

Could I use this iptables script in Windows?

If yes, then what do I have to do?

Could I use this iptables script in Windows?
No. Windows doesn't use iptables. It has it's own rudimentry firewall which has basic packet filtering capabailites. If you want to talk about the windows firewall, please start a new thread in the General forum.