Hi, I just installed Slackware and am wondering what would be the best choice for a good firewall. I'm still learning my way around Linux so I'm hoping that I might find a user-friendly firewall. Any suggestions?

iptables is integrated with the kernel and is in the default Slackware kernel so all you need to do is setup so iptables rules. That, of course, is easier said than done. I suggest going with Firestarter, a great GNOME utility that makes setting up iptables rules easy. There are others out there of course. What does everyone else use?

With slackware I do a rc.firewall script in /etc/rc.d which start, stop, restart a firewall.sh script in /etc/firewall. The internet is full of iptable netfilter scripts, you can use some for example. Firestarter need some modification in /etc/rc.d because it use SystemV style init system which is not the slackware default (BSD style init script).

you can use Guarddog if you like and you get it from www.linuxpackages.net

You can use this as a simple firewall script:

#!/bin/bash
#
# Basic script to keep the nasties out of slack-lap
# First we make the default policy to drop everything
iptables -P INPUT DROP
iptables -P FORWARD DROP
# Allow established connections and programs that use loopback
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT
# Lets allow ssh to connect
iptables -A INPUT -p tcp --dport 22 -i ppp0 -j ACCEPT
#end script

Make it executable and save it as /etc/rc.d/rc.firewall.

I got this from a good beginner's article at http://www.linuxbeginner.org/modules...rticle&sid=422 .

Regards,
Lucinda

If you installed the Linux HOWTOs
You can find a most excellent firewall script to tailor to your needs
file:///usr/doc/Linux-HOWTOs/Firewall-HOWTO

The HOWTOs are loaded with many example scripts that can be editted to suit your system and and needs. All one has to do is read them...

So fireup a browser and cut and paste this
file:///usr/doc/Linux-HOWTOs/

Using the firewall script there and the firestarter script which is almost identical to the one in the HOWTOs with more bells and whistles I have a very solid firewall.

Note on firestarter; It is a GUI front end for a sh script, requires root priv to run on slack, breaks on occations, and can write a table that is not known to iptables..
But it is a great way to quickly build a usable firewall script....

Wow I've got alot to do now! Which I don't mind at all! Thanks for all the feedback. It looks like I'll be firing up the HOWto's tomorrow night.

Thanks again!
Vindane

If you use KDE, there is an integrated package available called KMyFirewall.
http://kmyfirewall.sourceforge.net/
very gui for setting up iptables

It is amazing all that is in that /usr/doc that people don't read.

Personally, I do like GuardDog a lot..........

Firestarter can also be downloaded from the http://www.linuxpackages.net website.

I've been using
http://projectfiles.com/firewall/
for some time

I use fwbuilder . It is a nice program and great for setting up more complex firewalls. I had to create my own packages for Slackware 9.1 but it was not complicated. The only downside to FWBuilder is that it does take more work to set up initially.

This may be a tad off topic but the guy who posted this is a newbie and so like me might not have realised that you need to test your firewall configuration! *dulp* Found 2 cool sites to do that: https://grc.com/x/ne.dll?bh0bkyd2 and http://scan.sygate.com A bit windows centric but pretty cool and fast nonetheless. Hope it helps in some way.