LinuxQuestions.org
View Poll Results: Is Mandriva 2008.0 easy to secure?
Yes, very secure 0 0%
Does the job 1 100.00%
Not really 0 0%
Don't know 0 0%
Multiple Choice Poll. Voters: 1. You may not vote on this poll

Old 12-20-2007, 05:43 PM   #1
GlennsPref
Senior Member
 
Registered: Apr 2004
Location: Brisbane, Australia
Distribution: Mageia Studio-13.37 Kubuntu.
Posts: 3,325
Blog Entries: 33
Probs with shorewall, what's your choice of firewall?


Hi, I'm using mandy 2008.0, and I get an error about ipsec not found during shutdown.

I have read some about it and it seems shorewall, mandy and/or kernel are not in sync.

Are there other iptables-firewalls that do not require ipsec?

And do you have any recommendations?

I have a firewall in the adsl-router, but to be sure, I also use Comodo FW in winxp, and normally use shorewall for mandriva.

Thanks in advance and Happy holidays folks.

regards, Glenn

<edit>
Well, I've just tried kmyfirewall, but it can't find a file libkmfcompiler_ipt.la. And I can't find it either.

Now I'm going to try firestarter, ....
</edit>
<edit>
firestarter has a memory error on my machine.
[root@GlennsPref ~]# firestarter
Firewall started
Firewall started
***MEMORY-ERROR***: firestarter[10993]: GSlice: assertion failed: sinfo->n_allocated > 0
***MEMORY-ERROR***: firestarter[10993]: GSlice: assertion failed: sinfo->n_allocated > 0

I disabled iptables from starting at boot, to allow firestarter to start the service.

Not sure about the GSlice error, though.
</edit>

Last edited by GlennsPref; 12-20-2007 at 08:01 PM. Reason: progress.
 
Old 12-20-2007, 10:23 PM   #2
GlennsPref
Both of the rpm packages were mandy 2008 x86_64. But neither actually worked. (with iptables on or off)

The sources are not that much better. Since then I have tried to compile kmyfirewall, but it can't find the path to kdelibs and/or kde-config. wtf?

I must have an iptables script here someplace.

Here's to progress. Glenn
 
Old 12-21-2007, 07:55 PM   #3
GlennsPref
Firewall without gui adventure

http://easyfwgen.morizot.net/gen/index.php Provides an easy script online.

Details of installing the script....
Step through the script from the web page mentioned above, selecting any services you need. For home use and not supporting a web server, you may not need to change anything; just go ahead and run the script generator.

Copy the text from the output of the script generator to your favourite text editor.

You may need root to do this.
Now, go to /etc/init.d and rename iptables to iptables.orig

Then save your text as iptables in /etc/init.d

You may need to dos2unix the file to delimit/remove carriage returns.

cd /etc/init.d (change directories to /etc/init.d/)

dos2unix -U iptables (-U will change to unix if dos or mac)

Now you need to make the file executable. I did this in a root session of KDE, with a file manager (Konqueror): right click, Properties, Permissions, and check the box "executable".

Now whenever iptables is started, the firewall script is used.

After restarting iptables (reboot?) you can check with ShieldsUp! by going to www.grc.com (Gibson Research Corporation) and first selecting ShieldsUp! (hotspots section) then click the proceed button, next there may be a popup (you need to continue to do the test) just click continue.

Now you can select the port range to check for open, closed and stealth ports. Remember that a closed port means there is a port there.

Select all service ports, in the middle of the bunch.

You should see some info about your ip address as GRC and the rest of the web sees it.

Read some of the info supplied on the page as the test runs to see what is what.

Works so far, full stealth.

Before, NTP (Network Time Protocol) was showing closed on port 123.
Which means that I'm home, but not answering. (an active connection)

I hope this helps someone. Glenn

Last edited by GlennsPref; 12-21-2007 at 10:40 PM. Reason: Tutorship
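
The install steps from post #3 as a single shell function. This is an added example, not part of the original post: `install_fw_script` and the scratch-directory demo are hypothetical, it strips carriage returns with `tr` instead of `dos2unix`, and it adds a `sh -n` syntax check before anything is replaced.

```shell
#!/bin/sh
# Added example: install a generated firewall script as INITDIR/iptables.
# install_fw_script and its arguments are hypothetical names for this sketch.
install_fw_script() {
    src=$1                      # script text saved from the generator
    initdir=${2:-/etc/init.d}   # target directory (override for a dry run)
    target=$initdir/iptables

    [ -s "$src" ] || { echo "empty or missing: $src" >&2; return 1; }

    tmp=$(mktemp "$initdir/iptables.new.XXXXXX") || return 1
    # Strip DOS carriage returns; a "#!/bin/sh\r" first line will not execute.
    tr -d '\r' < "$src" > "$tmp"

    # Parse without executing; reject text that is not valid shell.
    if ! sh -n "$tmp" 2>/dev/null; then
        echo "syntax check failed, nothing installed" >&2
        rm -f "$tmp"; return 1
    fi

    # Keep the distribution's script, but never overwrite an earlier backup.
    if [ -e "$target" ] && [ ! -e "$target.orig" ]; then
        mv "$target" "$target.orig" || { rm -f "$tmp"; return 1; }
    fi

    # Executable for root's init system, then swapped into place.
    chmod 755 "$tmp" && mv -f "$tmp" "$target"
}

# Constructed demo in a scratch directory (not the real /etc/init.d).
demo_dir=$(mktemp -d)
printf '#!/bin/sh\necho distro\n' > "$demo_dir/iptables"
printf '#!/bin/sh\r\niptables -P INPUT DROP\r\n' > "$demo_dir/generated.txt"
install_fw_script "$demo_dir/generated.txt" "$demo_dir" && ls -l "$demo_dir"
```

Because the pasted text will run as root at every boot, read it through before installing; the syntax check only proves it parses, not what it does.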
 
  



Tags
firewall, gui, iptables, linux, mandriva2008



All times are GMT -5. The time now is 10:46 AM.
