LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   4MLinux (https://www.linuxquestions.org/questions/4mlinux-115/)
-   -   Is firewall fully enabled out-of-the-box? (https://www.linuxquestions.org/questions/4mlinux-115/is-firewall-fully-enabled-out-of-the-box-4175635614/)

linustalman 08-03-2018 01:25 PM

Is firewall fully enabled out-of-the-box?
 
Hi Zbigniew.

I am more familiar with GUFW.

Is the 4MLinux firewall fully enabled out-of-the-box?

Thanks.

zk1234 08-04-2018 05:32 AM

Hi,

One has a "fully enabled firewall" when one's computer is switched off :-)

1) The default /etc/server/autostart.conf file is:
Code:

# Choose the servers to start during the boot time:
CRON=yes
DNS=no
FIREWALL=yes
FTP=no
HTTP=no
MYSQL=no
NFS=no
PROXY=no
SMTP=no
SSH=yes
TELNET=no

So yes, the firewall is enabled by default.

2) Open your terminal and execute "firewall test". You should now see something like this:
Code:

Chain INPUT (policy DROP)
target    prot opt source              destination       
          tcp  --  anywhere            anywhere            tcp dpt:ssh state NEW recent: SET name: BRF side: source mask: 255.255.255.255
DROP      tcp  --  anywhere            anywhere            tcp dpt:ssh state NEW recent: UPDATE seconds: 600 hit_count: 10 TTL-Match name: BRF side: source mask: 255.255.255.255
DROP      tcp  --  anywhere            anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP      tcp  --  anywhere            anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
DROP      tcp  --  anywhere            anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
ACCEPT    all  --  anywhere            anywhere           
ACCEPT    icmp --  anywhere            anywhere            icmp echo-request
ACCEPT    icmp --  anywhere            anywhere            icmp time-exceeded
ACCEPT    all  --  anywhere            anywhere            ctstate RELATED,ESTABLISHED
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:ftp
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:ssh
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:http
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:https
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:10000
ACCEPT    tcp  --  anywhere            anywhere            multiport dports 50000:55000
ACCEPT    udp  --  anywhere            anywhere            udp spt:netbios-ns

Chain FORWARD (policy DROP)
target    prot opt source              destination       

Chain OUTPUT (policy ACCEPT)
target    prot opt source              destination       
ACCEPT    all  --  anywhere            anywhere

So yes, the firewall is up and running.

3) The firewall's default configuration (Menu > Miniserver > Settings > Firewall) is:
Code:

# Accept all internal requests:
LOCALHOST=yes

# Accept external ping requests:
PINGS=yes

# Accept external traceroute requests:
TRACEROUTE=yes

# Allow outgoing traffic:
OUTGOING=yes

# Allow incoming traffic to the following TCP ports:
TCP="21 22 80 443 10000"

# Allow incoming traffic to the following UDP ports:
UDP=""

# Unblock port 53 for DNS server:
DNS=no

# Unblock ports 25,465,587 for SMTP server:
SMTP=no

# Unblock ports 111,1110,2049,4045,4046 for NFS server:
NFS=no

# Allow passive FTP connections:
PASSIVE=yes

# Range of ports for passive FTP connections:
RANGE=50000:55000

# Enable support for Samba client:
SAMBA=yes

# Enable SSH brute force protection:
BRF=yes

# Blacklist IP addresses from the following list:
BLACKLIST=/etc/firewall/black.list

# Enable DDOS protection:
DDOS=no


# NOTE:
# Always enabled (even if DDOS is set to "no"):
# SYN flood protection,
# NULL scan protection,
# XMAS scan protection.

4) More reading:
http://4mlinux.blogspot.com/2017/07/...ux-server.html

.

linustalman 08-04-2018 09:39 AM

Thank you Zbigniew for that informative response. :hattip:


All times are GMT -5. The time now is 08:33 PM.