LinuxQuestions.org


johnh10000 02-08-2010 11:33 AM

my new firewall ipkungfu
 
Hi folks, found ipkungfu, which is fairly intuitive and seems to work well.

I'm running Ubuntu Jaunty, and whenever I change the config file and go for
Code:

root@tux:~# /etc/init.d/ipkungfu restart
Not starting ipkungfu: Please read /usr/share/doc/ipkungfu/README.Debian for details

README.debian
Code:

ipkungfu for Debian
-------------------

 IPKUNGFU STARTING AT BOOT

  The package ipkungfu will now no longer start during boot, unless you have mo
  /etc/default/ipkungfu.  Please make sure you have edited /etc/ipkungfu/ipkung
  security feature.  The correct way of disabling this feature is to change the
  in /etc/default/ipkungfu

  Note that this has no effect when ipkungfu is run directly from the command l


 GENERAL

  I've got a feeling there are still some things I may have missed/messed up, i
  please submit a bug to Debian bug tracker (via reportbug or other means).

 -- Nigel Jones <nigelj@gmail.com>  Fri, 24 June 2005 22:54:32 +1200

which does not help much. It starts fine on a reboot.

Also, what's this thing called authfail?

repo 02-08-2010 11:35 AM

Did you change
/etc/default/ipkungfu?

johnh10000 02-08-2010 12:37 PM

Quote:

Originally Posted by repo (Post 3856837)
Did you change
/etc/default/ipkungfu?

I hadn't because I thought it would start. OK, it does now! But:

Code:

root@tux:~# ipkungfu -c
Checking integrity: ..        PASSED
IPKungFu is loaded with option -A INPUT -s 0.0.0.1/32 -i lo -j LOG --log-prefix "IPKF_IPKungFu "
root@tux:~# /etc/init.d/ipkungfu restart
 * Restarting iptables based firewall ipkungfu                                  iptables-restore v1.4.1.1: Symbolic name "0x10/0x3f" is unknown
Error occurred at line: 17
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
root@tux:~# /etc/init.d/ipkungfu start
iptables-restore v1.4.1.1: Symbolic name "0x10/0x3f" is unknown
Error occurred at line: 17
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
root@tux:~#


repo 02-08-2010 12:39 PM

Look at line 17 in the script
Quote:

Error occurred at line: 17

johnh10000 02-08-2010 12:43 PM

Quote:

Originally Posted by repo (Post 3856914)
Look at line 17 in the script

That's easier said than done, there are lots of them!

root@tux:~/ipkungfu# ls
accept_hosts.conf deny_hosts.conf~ post.conf services.conf~
advanced.conf forward.conf pre.conf vhosts.conf
cache ipkungfu.conf pre.conf~
custom.conf ipkungfu.conf~ redirect.conf
deny_hosts.conf log.conf services.conf
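
The number in `Error occurred at line: 17` counts lines of the ruleset handed to iptables-restore, not lines of any single file in the directory listed above. An added example (not part of any post in this thread and not ipkungfu's own code) that parses the error text quoted earlier and prints the matching line of a ruleset dump; the ruleset, the TOS rule on its line 17 and the function names are constructed for illustration.

```shell
# Constructed ruleset in iptables-save format (not the poster's real rules,
# which are not on the page); line 17 carries the token from the error.
sample_ruleset() {
cat <<'EOF'
# constructed sample ruleset
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp --dport 22 -j TOS --set-tos 0x10/0x3f
COMMIT
EOF
}

# Read iptables-restore stderr on stdin; print "<line> <token>".
parse_restore_error() {
    awk '/Symbolic name "/ { split($0, q, "\""); token = q[2] }
         /^Error occurred at line: / { line = $NF }
         END { if (line != "") print line, token }'
}

# Print line $2 of ruleset file $1 with the table section it sits in.
locate_rule() {
    awk -v n="$2" '/^\*/ { table = substr($0, 2) }
        NR == n { printf "table=%s line=%d: %s\n", table, NR, $0; exit }' "$1"
}

# Feed the two error lines from the thread through both helpers and
# print the located line only if it really contains the rejected token.
demo() {
    tmp=$(mktemp) || return 1
    sample_ruleset > "$tmp"
    set -- $(printf '%s\n' 'Symbolic name "0x10/0x3f" is unknown' \
        'Error occurred at line: 17' | parse_restore_error)
    locate_rule "$tmp" "$1" | grep -F -- "$2"; rm -f "$tmp"
}
demo
```

On a real system, replace the constructed file with whatever `/etc/init.d/ipkungfu` actually pipes into iptables-restore.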

repo 02-08-2010 12:49 PM

I would guess
Code:

ipkungfu.conf
Or look in
Code:

/etc/init.d/ipkungfu
to see which script is executed
Did you read the info on
http://ipkungfu.ufsoft.org/ ?

johnh10000 02-08-2010 01:10 PM

Quote:

Originally Posted by repo (Post 3856933)
I would guess
Code:

ipkungfu.conf
Or look in
Code:

/etc/init.d/ipkungfu
to see which script is executed
Did you read the info on
http://ipkungfu.ufsoft.org/ ?

Yeah, I've read it, but it doesn't seem to help. The fault doesn't seem to be in any of those files. :(

repo 02-08-2010 01:28 PM

Perhaps you can create a ticket or contact the maintainer
http://ipkungfu.ufsoft.org/report

johnh10000 02-15-2010 04:41 AM

decided to abandon ipkungfu
 
Now trying gufw and ufw.

Here is my current nmap output:
Code:

johnh10000@tux:~$ nmap -v -A 192.168.1.3

Starting Nmap 4.76 ( http://nmap.org ) at 2010-02-15 10:24 GMT
Initiating Ping Scan at 10:24
Scanning 192.168.1.3 [1 port]
Completed Ping Scan at 10:24, 0.00s elapsed (1 total hosts)
Initiating Connect Scan at 10:24
Scanning tux.isa-geek.org (192.168.1.3) [1000 ports]
Discovered open port 80/tcp on 192.168.1.3
Discovered open port 21/tcp on 192.168.1.3
Discovered open port 111/tcp on 192.168.1.3
Discovered open port 139/tcp on 192.168.1.3
Discovered open port 10000/tcp on 192.168.1.3
Discovered open port 4443/tcp on 192.168.1.3
Discovered open port 901/tcp on 192.168.1.3
Discovered open port 6006/tcp on 192.168.1.3
Discovered open port 8080/tcp on 192.168.1.3
Discovered open port 5900/tcp on 192.168.1.3
Discovered open port 16001/tcp on 192.168.1.3
Discovered open port 445/tcp on 192.168.1.3
Completed Connect Scan at 10:24, 1.19s elapsed (1000 total ports)
Initiating Service scan at 10:24
Scanning 12 services on tux.isa-geek.org (192.168.1.3)
Completed Service scan at 10:27, 135.47s elapsed (12 services on 1 host)
SCRIPT ENGINE: Initiating script scanning.
SCRIPT ENGINE: '/usr/share/nmap/scripts/dns-test-open-recursion.nse' threw a run time error and could not be loaded.
SCRIPT ENGINE: '/usr/share/nmap/scripts/skype_v2-version.nse' threw a run time error and could not be loaded.
SCRIPT ENGINE: error while initializing script rules:
/usr/share/nmap/scripts/script.db:20: rpcinfo.nse is not a file!
stack traceback:
        [C]: in function 'Entry'
        /usr/share/nmap/scripts/script.db:20: in main chunk
        [C]: ?
        [C]: ?

SCRIPT ENGINE: Aborting script scan.
Host tux.isa-geek.org (192.168.1.3) appears to be up ... good.
Interesting ports on tux.isa-geek.org (192.168.1.3):
Not shown: 988 closed ports
PORT      STATE SERVICE    VERSION
21/tcp    open  ftp          (Generally vsftp or WU-FTPD)
80/tcp    open  http        Apache httpd 2.2.11 ((Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0)
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp  open  netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
901/tcp  open  http        Samba SWAT administration server
4443/tcp  open  unknown?
5900/tcp  open  vnc        VNC (protocol 3.7)
6006/tcp  open  X11:6?
8080/tcp  open  http        TwistedWeb httpd 8.2.0
10000/tcp open  http        Webmin httpd
16001/tcp open  tcpwrapped
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

Read data files from: /usr/share/nmap
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 138.47 seconds

Attached are my rules; why are they not the same? Also, FTP works on the box serving it, but nowhere else. This is a passive ports issue; even if I open the ports, still no joy. And finally, what have I forgotten for Samba? It works fine everywhere bar on tux :( Disabling the fw works fine.


All times are GMT -5.