SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi, I just installed Slackware and am wondering what would be the best choice for a good firewall. I'm still learning my way around Linux so I'm hoping that I might find a user-friendly firewall. Any suggestions?
iptables is integrated with the kernel and is in the default Slackware kernel so all you need to do is setup so iptables rules. That, of course, is easier said than done. I suggest going with Firestarter, a great GNOME utility that makes setting up iptables rules easy. There are others out there of course. What does everyone else use?
With slackware I do a rc.firewall script in /etc/rc.d which start, stop, restart a firewall.sh script in /etc/firewall. The internet is full of iptable netfilter scripts, you can use some for example. Firestarter need some modification in /etc/rc.d because it use SystemV style init system which is not the slackware default (BSD style init script).
#!/bin/bash
#
# Basic script to keep the nasties out of slack-lap
# First we make the default policy to drop everything
iptables -P INPUT DROP
iptables -P FORWARD DROP
# Allow established connections and programs that use loopback
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
# Lets allow ssh to connect
iptables -A INPUT -p tcp --dport 22 -i ppp0 -j ACCEPT
#end script
Make it executable and save it as /etc/rc.d/rc.firewall.
Distribution: SlackWare 10.1+, FreeBSD 4.4-5.2, Amiga 1.3,2.1,3.1, Windors XP Pro (makes a fair answering machine)
Posts: 287
Rep:
If you installed the Linux HOWTOs
You can find a most excellent firewall script to tailor to your needs
file:///usr/doc/Linux-HOWTOs/Firewall-HOWTO
The HOWTOs are loaded with many example scripts that can be editted to suit your system and and needs. All one has to do is read them...
So fireup a browser and cut and paste this
file:///usr/doc/Linux-HOWTOs/
Using the firewall script there and the firestarter script which is almost identical to the one in the HOWTOs with more bells and whistles I have a very solid firewall.
Note on firestarter; It is a GUI front end for a sh script, requires root priv to run on slack, breaks on occations, and can write a table that is not known to iptables..
But it is a great way to quickly build a usable firewall script....
Last edited by Nichole_knc; 05-26-2004 at 08:36 PM.
I use fwbuilder . It is a nice program and great for setting up more complex firewalls. I had to create my own packages for Slackware 9.1 but it was not complicated. The only downside to FWBuilder is that it does take more work to set up initially.
This may be a tad off topic but the guy who posted this is a newbie and so like me might not have realised that you need to test your firewall configuration! *dulp* Found 2 cool sites to do that: https://grc.com/x/ne.dll?bh0bkyd2 and http://scan.sygate.com A bit windows centric but pretty cool and fast nonetheless. Hope it helps in some way.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.