LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-02-2004, 08:31 AM   #1
duffboygrim
Member
 
Registered: Nov 2003
Location: Wales, UK
Distribution: Mandrake 10
Posts: 89

Rep: Reputation: 15
Firewall for Mandrake 9.2


Hi all.

I'm after a good, easy to use personal firewall for Mandrake 9.2. The one that comes with Mandrake (Drakwall or something like that?) is to be honest, totally useless as I scanned the ports and several were open and I can't configure it to do anything.

I'm using a standalone computer, no network with a 56k dial up which may be upgraded to broadband in a year or so.

Any suggestions?

Cheers,
DBG.
 
Old 01-02-2004, 08:51 AM   #2
moonloader
Member
 
Registered: Nov 2003
Location: linuxquestions.org
Distribution: Linux and BSD
Posts: 229

Rep: Reputation: 30
in MDK 9.2 thre are 2 firewalls if they wont't help,try firestarter or guarddog or kmyfirewall
 
Old 01-02-2004, 12:09 PM   #3
Bill Gates 666
Member
 
Registered: Dec 2003
Location: Cambridge
Distribution: Arch, Gentoo, OpenSUSE
Posts: 70

Rep: Reputation: Disabled
Why not write your own BASH scripted Firewall using iptables!!

I can send you my own script (which of course is hacked from other peoples scripts) which blocks all incoming connections all ports except for selected DMZ'd ports. I don't run a webserver so I only have 1 port open for point-2-point traffic going to a Windoz box on my LAN. I am on DSL but the script will work fine for dial-up.

I have tried ShieldsUP! @ grc.com run on a Windoz box on my LAN and got the result that all my ports were completely stealthed. In otherwords my whole network was invisible to the internet (OK except for the DC++ port but that isn't in the lower 1024 service ports anyway :-).

I have MSN messenger running through and stuff so it seems to work OK.

Linux is great for protecting Windoz machines from the big bad Internet!! :-)

Rob
 
Old 01-02-2004, 05:06 PM   #4
rolf
Member
 
Registered: Jul 2001
Location: Oakland, CA
Distribution: Mageia 5 x86_64
Posts: 187

Rep: Reputation: 33
I will recommend guarddog as the help makes it pretty clear how to set it up. Since it is a contrib package, you will need to have a contrib source configured, which you can do by following the instructions at the 'Easy urpmi' link at Penguin Liberation Front Then, as root, do:

urpmi guarddog

You also have to run guarddog as root to make configuration changes. Essentially, you will have to enable (check) http, https, dns, POP, smtp, protocols in the internet zone for basic browsing but that is covered in the tutorial under Help in the guarddog ui.
 
Old 01-03-2004, 08:11 AM   #5
duffboygrim
Member
 
Registered: Nov 2003
Location: Wales, UK
Distribution: Mandrake 10
Posts: 89

Original Poster
Rep: Reputation: 15
I downloaded firestarter RPM package. When i tried to install it (as root) though using:-

rpm -Uvh {filename}

I got the following error:-

Failed dependencies: liblinc.so.1 is needed by firestarter-0.9.2-3.mdk

Is this fixable? Can I get firestater installed?
 
Old 01-03-2004, 08:43 AM   #6
rolf
Member
 
Registered: Jul 2001
Location: Oakland, CA
Distribution: Mageia 5 x86_64
Posts: 187

Rep: Reputation: 33
Use urpm*

Mandrake has the urpm* family of commands, a powerful extension to rpm. You can use these commands to query the database for packages containing files, find what source has a package, install dependencies automatically, and uninstall. See man urpmi and related and some web howto: Urpmi.org

For instance, to find what package (if any known is in your database) contains the dependency:

$ urpmf liblinc.so.1
liblinc1:/usr/lib/liblinc.so.1
liblinc1:/usr/lib/liblinc.so.1.0.0

To find if firestarter is in the distro and, if so, what source holds it:

[rolf@localhost rolf]$ urpmq firestarter
firestarter
[rolf@localhost rolf]$ urpmq --sources firestarter
file://contrib/i586/firestarter-0.9.2-3mdk.i586.rpm

to find out where the liblinc1 package comes from:

$ urpmq --sources liblinc1
file://mnt/hd/Mandrake/RPMS2/liblinc1-1.0.3-1mdk.i586.rpm

One thing you could do, since this is on CD2, which you almost certainly have, is, as root, use urpmi instead of rpm to install:

urpmi /path/to/your/downloaded/firestarter/rpm

However, it is almost always best to use the rpm that has been packaged for your release of Mandrake, as it has been built to put the man pages in the right place, add a menu entry, and so forth, in a compatible fashion with the rest of your Mandrake software. To do that, you would have to use urpmi.addmedia to add a contrib source, unless you already have one. (Your urpmq queries won't show anything about a package in a source unless that source has been added with urpmi.addmedia). You can add an ftp contrib source by following the easyurpmi link on the page I gave above.

Then, all you would have to do, as root, is:

urpmi firestarter
 
Old 01-03-2004, 02:33 PM   #7
philb2k
LQ Newbie
 
Registered: May 2003
Posts: 10

Rep: Reputation: 0
Thumbs up

As a complete Linux newbie I stumbled across Guarddog reading some threads on the Mandrake forums. This is the way to go. Easier to grasp than Firestarter because you do not have to know what all the ports do - Guarddog will show you.

http://www.simonzone.com/software/guarddog/

regards,

Philip.
 
Old 01-03-2004, 05:20 PM   #8
rolf
Member
 
Registered: Jul 2001
Location: Oakland, CA
Distribution: Mageia 5 x86_64
Posts: 187

Rep: Reputation: 33
Again, you will be able to install guarddog and have access to 3605 other packages if you add a contrib source and urpmi guarddog as explained in the link I gave above. While you're at it, add a plf source for 9.2 and this will give you mplayer, mplayer-gui, video codecs, and many other packages that can't be distributed with Mandrake.
 
Old 01-04-2004, 05:21 AM   #9
duffboygrim
Member
 
Registered: Nov 2003
Location: Wales, UK
Distribution: Mandrake 10
Posts: 89

Original Poster
Rep: Reputation: 15
Rolf...

I tried urpmq --sources liblinc and got told no package called liblinc. If I persisted with firestarter, where would I get this package?


Philb2k
I'm going to give guarddog a try. See if I have any luck there!
 
Old 01-04-2004, 07:32 AM   #10
rolf
Member
 
Registered: Jul 2001
Location: Oakland, CA
Distribution: Mageia 5 x86_64
Posts: 187

Rep: Reputation: 33
You have to be very precise when giving the file or package name. Copy/paste the package name from the output of urpmf by dragging with the left mouse button depressed over the name to copy and click the middle button to paste. The package name is liblinc1 Try:

urpmq --sources liblinc1

Firestarter is in contrib. Follow the instructions in the easyurpmi link I gave in above post to add a contrib source and

urpmi firestarter
 
Old 01-04-2004, 12:45 PM   #11
duffboygrim
Member
 
Registered: Nov 2003
Location: Wales, UK
Distribution: Mandrake 10
Posts: 89

Original Poster
Rep: Reputation: 15
Well, I've just got guarddog up and running.

Thankyou all for your help.

Bill Gates 666, that is a nice idea, I may get back to you on that one.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
The Mandrake Firewall EliasAlucard Mandriva 3 05-27-2005 07:36 PM
Mandrake Firewall.............. eponymous Linux - Software 0 11-12-2004 02:44 AM
Mandrake 10.0 and firewall? KlaymenDK Mandriva 6 10-20-2004 05:58 AM
Mandrake as firewall sihere Linux - Networking 3 01-18-2004 11:13 AM
mandrake firewall cuboctahedron Linux - Newbie 4 05-22-2003 01:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration