Some of the information is impossible to provide without knowing what distribution you're running (like where to put it so it loads on boot.)
The commands themselves would also depend on that in many cases; for instance, on Red Hat you're likely going to want to add them to the RH-Firewall-1-INPUT chain. Debian, not so much.
If you already have it set up, you'd be better off trying to use that and just changing the interface. Try "firestarter --help" or look for a config file.
(Been years since I looked at it).
It worked fine before. Now it doesn't show access, even local!
I have read that you upgraded hardware and this may help you (if it's a mile off I apologise):
Ubuntu is "helpful" with NICs. If you change NIC (or mobo with built-in NIC) it will usually assign a new ID such as eth1/2/3 etc. because it sees a different MAC/hardware address on the device. Of course, assigning your NIC a new eth1/2/3 ID will break all of your Firestarter rules because they are usually all relevant to eth0. Personally I find this behaviour a PITA, but once you know it does this, the fix is trivial:
Edit this file:
/etc/udev/rules.d/70-persistent-net-rules
You'll probably find you have a couple of entries that look similar to this:
eth0 will be locked to the old MAC of the old NIC. Personally I would delete both lines and reboot - this should then correctly assign your new NIC to eth0 and everything should work again. If you prefer, just edit the ATTRS{address} to suit and restart your networking (sudo /etc/init.d/networking restart).
HTH
Last edited by spampig; 03-11-2010 at 01:02 AM.
Reason: added options
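The renaming described in the post above can be checked before touching the firewall. This is an added example, not part of the original posts: it parses a constructed sample of the persistent-net rules file and reports interface names pinned to a NIC that is no longer installed. The rule lines, MAC addresses and function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example. RULES holds a constructed sample in the usual udev
# persistent-net rules format; both MAC addresses are made up.
RULES=$(mktemp); trap 'rm -f "$RULES"' EXIT
cat > "$RULES" <<'EOF'
# old NIC, no longer installed
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="02:00:00:00:00:01", KERNEL=="eth*", NAME="eth0"
# new NIC
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="02:00:00:00:00:02", KERNEL=="eth*", NAME="eth1"
EOF

# rule_pairs: read rules on stdin, print "NAME MAC" for every rule line.
rule_pairs() {
  awk -F'"' '
    /^[ \t]*(#|$)/ { next }
    {
      mac = ""; name = ""
      for (i = 1; i < NF; i += 2) {      # odd fields are keys, even are values
        if (index($i, "{address}==")) mac = tolower($(i + 1))
        if (index($i, "NAME="))       name = $(i + 1)
      }
      if (mac != "" && name != "") print name, mac
    }'
}

# stale_names RULES_FILE MAC...: names pinned to a MAC that is not installed.
# On a real host the MAC list would come from: cat /sys/class/net/*/address
stale_names() {
  rules=$1; shift
  rule_pairs < "$rules" | while read -r name mac; do
    case " $* " in *" $mac "*) ;; *) echo "$name" ;; esac
  done
}

# name_for_mac RULES_FILE MAC: the name udev will give the NIC with this MAC.
name_for_mac() { rule_pairs < "$1" | awk -v m="$2" '$2 == m { print $1 }'; }

# fw_iface_ok RULES_FILE FW_IFACE MAC...: succeeds only if the interface the
# firewall rules reference is the name of a NIC that is actually installed.
fw_iface_ok() {
  rules=$1; iface=$2; shift 2
  for mac in "$@"; do
    [ "$(name_for_mac "$rules" "$mac")" = "$iface" ] && return 0
  done
  return 1
}

# Demo on the constructed data: only the new NIC (...:02) is installed.
echo "stale: $(stale_names "$RULES" 02:00:00:00:00:02)"
if ! fw_iface_ok "$RULES" eth0 02:00:00:00:00:02; then
  echo "eth0 is not an installed NIC: firewall rules bound to it match no traffic"
fi
```

A firewall front end that still points at a stale name is the failure seen in this thread: the host has connectivity on the new interface while the rules written for the old name no longer apply to it.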
I now have a connection, on eth0, so far so good.
/etc/udev/rules.d/70-persistent-net-rules is now "empty", but Firestarter now complains it can't "find eth2", the last used eth port. Reinstalling Firestarter again....
Try launching the Firestarter GUI (usually under applications / internet) and selecting EDIT > PREFERENCES > FIREWALL > NETWORK SETTINGS and change the NIC there. You'll need to bounce/restart networking for it to bite.
I edited /etc/firestarter/configuration and restarted the box.
And it's not good enough. Oh yes, it works on eth0 now, we get current connections, but when I try to go to the LOCAL ftp site, it doesn't show up there.
Cross with this. Change of mind: partition my new 340gb to reflect /home and home/ftp, then reinstall, I think.
You seem quite knowledgeable. If I want to say to Firestarter, accept everything off my local LAN, I'd say
192.168.1.0/24, yeah? Do you have a link or something to explain how /24 /16 /8 etc. works?
On the firestarter site I saw one - maybe the FAQ.
Well, home and ftp, yep! And the configs; mind you, there was a minor problem the other day... when the configs turned into, err, junk! Can't wait for Lucid, 10.4, only next month.
Yeah, all up and running now with tux totally on the new 340gb hd, fine and dandy. Just put the other ftp disk in tux2 for backup. If you're about, please test via the website http://tux.isa-geek.org