MandrivaThis Forum is for the discussion of Mandriva (Mandrake) Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm having a problem with my firewall settings in Mandrake 9.2. Everytime I change something to it (for example: enabling a port like 80/tcp), the next time I check, it is set back to it's original settings.
I've had this problem at every Linux distribution I've ever tried. Does somebody know what's the problem? I've heard you should change it in some files, instead of in the control center, but that neither works.
before you make the changes you should stop the firewall service, then restart it after you make the changes for them to stick. (i'm assuming you're using shorewall) if so, before making any changes, in terminal as root type............
Code:
service shorewall stop
enter
to restart it, type...............
Code:
service shorewall start
enter
or:
Code:
service shorewall restart
enter
to check out the status of shorewall, type.........
also, you don't have 2 eth0 cards, do you? the last error seems to tell me it's detecting more than 1 eth0 entry in your interfaces.conf file. if you get the same error with the above command, please post the contents of...........
I've tried with 'service shorewall start (and also with restart), but it says the same.
Below the contents of /etc/shorewall/interfaces (after the comments)
#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect
masq eth0 detect
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
He does detect two eth0 configurations, but I think the second is the loopback interface, which
(I think) is normal for Linux.
I do have three profiles (default + two users) in my internet configuration screen. Could that be the problem?
2 things to try. since i never had multiple internet profiles set up, i'm sorta just guessing on #2.....
1. stop shorewall, comment out the line that says "masq eth0 detect" so it looks like this........
Code:
#masq eth0 detect
save, restart shorewall & see if that fixed it. if not..............
2. i think you'll need to edit your /etc/shorewall/users & /etc/shorewall/usersets config files to define what users are allowed internet access. like i said, i've never done this, but it looks pretty much self explanatory in the instructions section.
Never mind, it works!. I had to remove the second line (masq eth0 detect) from it.
If the firewall problem is solved, I don't now yet. Some of the ports I specify (like 80/tcp) go away (however I think it's allowed, because Apache runs fine), others (like 13666/tcp) stay in the list, but I think it's working.
Thanks for your help, otish. You really saved my day.
go to Gibson Research to test out the firewall. scroll down to "hot spots" & click the "shields up" link. click "proceed" then choose the "all service ports" scanning option. let it scan. it takes a litle while depending on your connection speed. all green (stealth) is the best result you can hope for. all blue (closed), or a combo of blue & green is good, but not as good as stealth. any red (open) needs attention. you can click on any square on the grid for info on that particular port & what to do about it. be warned, the guy (Steve Gibson) is a bit of a fanatic about internet security, so don't be too alarmed by all his dire warnings. and, it's pretty much a Windows-centric site as far as how to configure ports & stuff. but, it's prolly the best security test out there.
On the subject of firewall settings in MDK9.2. The Mandrake Control Center's firewall admin window enables both the incoming and outgoing protocols for each port at the same time, which is not very good.
MDK10, on the other hand, does it better. All outgoing protocols are enabled, so if you disable all ports in the firewall admin, that just disables all the incoming protocols, which is fine for an Internet client PC.
Thanks for the advice Dave, but I'll stick to 9.2 for a while. It's the first time a Linux install runs so smooth on my computer and I've heard their are still a lot of problems with 10.0.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.