LinuxQuestions.org
Mandriva This Forum is for the discussion of Mandriva (Mandrake) Linux.

Old 05-31-2004, 05:58 AM   #1
Error1312
Member
 
Registered: Feb 2004
Location: Belgium
Distribution: Ubuntu 10.04 Lucid Lynx
Posts: 140

Rep: Reputation: 15
Firewall settings aren't saved


Hi everybody.

I'm having a problem with my firewall settings in Mandrake 9.2. Every time I change something in it (for example: enabling a port like 80/tcp), the next time I check, it is set back to its original settings.

I've had this problem with every Linux distribution I've ever tried. Does anybody know what the problem is? I've heard you should change it in some files, instead of in the control center, but that doesn't work either.

Thanks in advance.
 
Old 05-31-2004, 06:47 AM   #2
otish1000c
Member
 
Registered: May 2004
Location: Pennsylvania, USA
Distribution: dual boot.... Mandrake 10.0OE/10.xcooker
Posts: 611

Rep: Reputation: 30
before you make the changes you should stop the firewall service, then restart it after you make the changes for them to stick. (i'm assuming you're using shorewall) if so, before making any changes, in terminal as root type............

Code:
service shorewall stop
enter

to restart it, type...............

Code:
service shorewall start
enter

or:
Code:
service shorewall restart
enter

to check out the status of shorewall, type.........

Code:
service shorewall status
enter

otis
 
Old 05-31-2004, 07:11 AM   #3
Error1312
Member
 
Registered: Feb 2004
Location: Belgium
Distribution: Ubuntu 10.04 Lucid Lynx
Posts: 140

Original Poster
Rep: Reputation: 15
Thanks for the reply, but I'm having a problem with restarting shorewall.
This is what it says:

[root@localhost src]# shorewall start
Loading /usr/share/shorewall/functions...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Starting Shorewall...
Loading Modules...
Initializing...
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Connection Tracking Match: Available
Determining Zones...
Zones: net masq loc
Validating interfaces file...
Error: Duplicate Interface eth0
Terminated


Any idea what's going on?
 
Old 05-31-2004, 07:20 AM   #4
otish1000c
Member
 
Registered: May 2004
Location: Pennsylvania, USA
Distribution: dual boot.... Mandrake 10.0OE/10.xcooker
Posts: 611

Rep: Reputation: 30
you need to type..................

service shorewall start

also, you don't have 2 eth0 cards, do you? the last error seems to tell me it's detecting more than 1 eth0 entry in your interfaces.conf file. if you get the same error with the above command, please post the contents of...........

/etc/shorewall/interfaces

otis
 
Old 05-31-2004, 07:31 AM   #5
Error1312
Member
 
Registered: Feb 2004
Location: Belgium
Distribution: Ubuntu 10.04 Lucid Lynx
Posts: 140

Original Poster
Rep: Reputation: 15
I've tried with 'service shorewall start' (and also with restart), but it says the same.
Below are the contents of /etc/shorewall/interfaces (after the comments):

#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect
masq eth0 detect
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

It does detect two eth0 configurations, but I think the second is the loopback interface, which (I think) is normal for Linux.

I do have three profiles (default + two users) in my internet configuration screen. Could that be the problem?
 
Old 05-31-2004, 07:37 AM   #6
otish1000c
Member
 
Registered: May 2004
Location: Pennsylvania, USA
Distribution: dual boot.... Mandrake 10.0OE/10.xcooker
Posts: 611

Rep: Reputation: 30
2 things to try. since i never had multiple internet profiles set up, i'm sorta just guessing on #2.....

1. stop shorewall, comment out the line that says "masq eth0 detect" so it looks like this........

Code:
#masq eth0 detect
save, restart shorewall & see if that fixed it. if not..............

2. i think you'll need to edit your /etc/shorewall/users & /etc/shorewall/usersets config files to define what users are allowed internet access. like i said, i've never done this, but it looks pretty much self explanatory in the instructions section.

otis
 
Old 05-31-2004, 07:39 AM   #7
Error1312
Member
 
Registered: Feb 2004
Location: Belgium
Distribution: Ubuntu 10.04 Lucid Lynx
Posts: 140

Original Poster
Rep: Reputation: 15
Never mind, it works! I had to remove the second line (masq eth0 detect) from it.

If the firewall problem is solved, I don't know yet. Some of the ports I specify (like 80/tcp) go away (however I think it's allowed, because Apache runs fine), others (like 13666/tcp) stay in the list, but I think it's working.

Thanks for your help, otish. You really saved my day.
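
The check behind the `Duplicate Interface eth0` error in this thread, as an added example that is not part of the original posts and is not Shorewall's own code: a shell function that scans a Shorewall `interfaces` file and reports every interface listed on more than one line. The function name `find_duplicate_interfaces` and the temporary sample file are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not Shorewall's own code): report interfaces that appear on
# more than one line of a Shorewall interfaces file
# (columns: ZONE INTERFACE BROADCAST OPTIONS).

# find_duplicate_interfaces FILE   (hypothetical helper name)
# Prints "<iface>: line N (zone Z), line M (zone Y)" for each duplicated interface.
# Returns 0 if the file is clean, 1 if duplicates were found, 2 if unreadable.
find_duplicate_interfaces() {
    file=$1
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    awk '
        { sub(/#.*/, "") }      # drop comments, including the header and footer markers
        NF < 2 { next }         # skip blank or incomplete lines
        {
            iface = $2
            if (!(iface in count)) order[++n] = iface   # keep first-seen order
            sep = (count[iface]++ ? ", " : "")
            where[iface] = where[iface] sep "line " NR " (zone " $1 ")"
        }
        END {
            for (i = 1; i <= n; i++)
                if (count[order[i]] > 1) { print order[i] ": " where[order[i]]; dup = 1 }
            exit dup + 0
        }
    ' "$file"
}

# Sample input reproducing the file posted in this thread, written to a temp file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect
masq eth0 detect
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
EOF
find_duplicate_interfaces "$sample" || echo "duplicates found: fix the lines listed above"
rm -f "$sample"
```

Pointing the function at `/etc/shorewall/interfaces` before restarting the service shows which lines collide, so the ruleset is not left unloaded by a failed start.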
 
Old 05-31-2004, 07:51 AM   #8
otish1000c
Member
 
Registered: May 2004
Location: Pennsylvania, USA
Distribution: dual boot.... Mandrake 10.0OE/10.xcooker
Posts: 611

Rep: Reputation: 30
go to Gibson Research to test out the firewall. scroll down to "hot spots" & click the "shields up" link. click "proceed" then choose the "all service ports" scanning option. let it scan. it takes a little while depending on your connection speed. all green (stealth) is the best result you can hope for. all blue (closed), or a combo of blue & green is good, but not as good as stealth. any red (open) needs attention. you can click on any square on the grid for info on that particular port & what to do about it. be warned, the guy (Steve Gibson) is a bit of a fanatic about internet security, so don't be too alarmed by all his dire warnings. and, it's pretty much a Windows-centric site as far as how to configure ports & stuff. but, it's prolly the best security test out there.

otis
 
Old 05-31-2004, 07:58 AM   #9
Error1312
Member
 
Registered: Feb 2004
Location: Belgium
Distribution: Ubuntu 10.04 Lucid Lynx
Posts: 140

Original Poster
Rep: Reputation: 15
Thank you for telling me this. Very interesting site. I did the test. These are the results:

2 Ports Open
35 Ports Closed
1019 Ports Stealth

This is quite good, I think. The 2 open ports are Microsoft ports (I'm shocked and amazed), so I better pay attention to them.

Thanks again for all your help, Otish.
 
Old 05-31-2004, 08:43 AM   #10
Dave Farrance
Member
 
Registered: May 2004
Location: UK
Distribution: Mandrake 10.0
Posts: 47

Rep: Reputation: 15
On the subject of firewall settings in MDK9.2. The Mandrake Control Center's firewall admin window enables both the incoming and outgoing protocols for each port at the same time, which is not very good.

MDK10, on the other hand, does it better. All outgoing protocols are enabled, so if you disable all ports in the firewall admin, that just disables all the incoming protocols, which is fine for an Internet client PC.
 
Old 05-31-2004, 10:47 AM   #11
Error1312
Member
 
Registered: Feb 2004
Location: Belgium
Distribution: Ubuntu 10.04 Lucid Lynx
Posts: 140

Original Poster
Rep: Reputation: 15
Thanks for the advice Dave, but I'll stick to 9.2 for a while. It's the first time a Linux install runs so smoothly on my computer and I've heard there are still a lot of problems with 10.0.
 
  

