LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   Question about Eric Hameleers' firewall generator (http://www.linuxquestions.org/questions/slackware-14/question-about-eric-hameleers-firewall-generator-771586/)

Switch7 11-25-2009 07:42 PM

Question about Eric Hameleers' firewall generator
 
Although I'm still fairly new, I'm getting comfortable using linux now so I am planning on using slackware for both my desktop and laptop and wanted to ask a question before I install it on my laptop.

Since I'll be using wireless, I wanted to setup iptables correctly. I just need to connect to the internet, torrent, use irc, and connect to wireless network. I don't do any SSH, or have any servers - just a normal laptop user. Maybe I don't need a firewall for this case but I can't stand the feeling of having no protection even if it's safe, probably because what I experienced on windows.

I think I have it right but wanted to double check if I'm doing something wrong without knowing it.
Code:

Select Type of Internet Address
Dynamic Internet IP Address (using dynamic ip)

Code:

Single System or Private Network Gateway?
Single System

Code:

Allow Inbound Services
Time Server (to update my computer's time?)

Code:

Specify a custom port range
Checked both TCP/UDP and add the port range my torrent uses.

Code:

Do you use Internet Relay Chat (IRC)?
Checked

What I'm mainly worried is about Inbound services. I have a feeling I need the FTP server and passive FTP connections for my internet to work properly.

macslack 11-25-2009 08:51 PM

RE: Firewall generator
 
If you're not running any servers, you don't need any inbound services. As for time, that's a matter of your computer sending out a "request" saying "what time is it" and another computer replying, it's actually not an inbound service. I wouldn't open the FTP ports either, unless you actually plan to run an ftp service from your laptop.

Good Luck
Mac

Switch7 11-25-2009 09:21 PM

Quote:

Originally Posted by macslack (Post 3769895)
If you're not running any servers, you don't need any inbound services. As for time, that's a matter of your computer sending out a "request" saying "what time is it" and another computer replying, it's actually not an inbound service. I wouldn't open the FTP ports either, unless you actually plan to run an ftp service from your laptop.

Good Luck
Mac

Thank you for the reply. I thought torrents wouldn't work if I don't allow any inbound services?

macslack 11-25-2009 09:31 PM

RE: Firewall generator
 
Yes, you'll need to open up the correct ports for bittorrents, I just wouldn't open any others :)

amiga32 11-25-2009 09:46 PM

Meh I never use firewalls on my Linux or BSD desktops. If you're already behind a wireless router with NAT that should be enough to keep regular unwanted traffic off your system, otherwise just assume if someone really wants access to your system they will get it :) I realize this is horrible lazy advice but it's the way I see it.

Switch7 11-26-2009 12:54 AM

Thanks for the reply, just one last question on the ftp. I keep thinking I need these for things such as the slackpkg mirrors. My mirror is setup to "ftp://slackware.mirrors.tds.net/pub/slackware/slackware64-13.0/" There's also some files I download from ftp.

Or maybe I'm mistaken on something.

macslack 11-26-2009 07:06 AM

RE: Firewall generator
 
No, you shouldn't need ports open in your firewall to get things from ftp, only to provide ftp services to the outside world.

Mac


All times are GMT -5. The time now is 11:34 AM.