MandrivaThis Forum is for the discussion of Mandriva (Mandrake) Linux.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I'm having a problem with my firewall settings in Mandrake 9.2. Everytime I change something to it (for example: enabling a port like 80/tcp), the next time I check, it is set back to it's original settings.
I've had this problem at every Linux distribution I've ever tried. Does somebody know what's the problem? I've heard you should change it in some files, instead of in the control center, but that neither works.
before you make the changes you should stop the firewall service, then restart it after you make the changes for them to stick. (i'm assuming you're using shorewall) if so, before making any changes, in terminal as root type............
service shorewall stop
to restart it, type...............
service shorewall start
service shorewall restart
to check out the status of shorewall, type.........
also, you don't have 2 eth0 cards, do you? the last error seems to tell me it's detecting more than 1 eth0 entry in your interfaces.conf file. if you get the same error with the above command, please post the contents of...........
2 things to try. since i never had multiple internet profiles set up, i'm sorta just guessing on #2.....
1. stop shorewall, comment out the line that says "masq eth0 detect" so it looks like this........
#masq eth0 detect
save, restart shorewall & see if that fixed it. if not..............
2. i think you'll need to edit your /etc/shorewall/users & /etc/shorewall/usersets config files to define what users are allowed internet access. like i said, i've never done this, but it looks pretty much self explanatory in the instructions section.
Never mind, it works!. I had to remove the second line (masq eth0 detect) from it.
If the firewall problem is solved, I don't now yet. Some of the ports I specify (like 80/tcp) go away (however I think it's allowed, because Apache runs fine), others (like 13666/tcp) stay in the list, but I think it's working.
Thanks for your help, otish. You really saved my day.
go to Gibson Research to test out the firewall. scroll down to "hot spots" & click the "shields up" link. click "proceed" then choose the "all service ports" scanning option. let it scan. it takes a litle while depending on your connection speed. all green (stealth) is the best result you can hope for. all blue (closed), or a combo of blue & green is good, but not as good as stealth. any red (open) needs attention. you can click on any square on the grid for info on that particular port & what to do about it. be warned, the guy (Steve Gibson) is a bit of a fanatic about internet security, so don't be too alarmed by all his dire warnings. and, it's pretty much a Windows-centric site as far as how to configure ports & stuff. but, it's prolly the best security test out there.
On the subject of firewall settings in MDK9.2. The Mandrake Control Center's firewall admin window enables both the incoming and outgoing protocols for each port at the same time, which is not very good.
MDK10, on the other hand, does it better. All outgoing protocols are enabled, so if you disable all ports in the firewall admin, that just disables all the incoming protocols, which is fine for an Internet client PC.