Having gotten the default GUI firewall tool in Mandrake 9.1 to either give me "no firewall" or "no access" to the www and having seen others post with the same problem, I returned to the bootscript approach and copied one from a forum to a file /etc.rc.d/rc.firewall* and gave it 755 permissions.
Next, I opened /etc/rc.d/rc.local and added the line "etc/rc.d/rc.firewall" without the quotes to the bottom of the file so as to run the rc.firewall executable on boot.
I turned off the GUI firewall in MCC and rebooted; I accessed the web and went to Sygate for a portscan and it looked like I had done something. Whereas before the best that was reported was that many ports were "closed" and many were open reflecting services which I have since shut down, now I had many ports "undetected" and only 2 open ports.
The 6000 port for X11 and 631 for CUPS were vulnerable so I returned to the command line and added " -nolisten tcp" to the Xserver initialization line (See Security forum for clues to the path) and used "nmap -vv localhost" to confirm that now the only port of interest is 631 for CUPS.
The new problem is that when I tried to access the web, I was trapped inside my connection and could not get past the ISP. This is identical to the condition with any settings except "no firewall" in the GUI.
I am getting frustrated with this. Any comments from anybody?
Thanks for any help,
robertn
P.S. I traced my "iptables" file to /sbin/iptables and everything looks right, but I really don't know that the script I boot is doing anything. For all I know, some default script is running from all the fiddling I have been doing with Shorewall. Hope I have not confused the reader with all this; I have certainly confused myself.
