I have had a problem with my shorewall firewall in that I can't get access to the web unless I set shorewall to allow everything (no firewall).
The following script was supplied by a member called
qwijibow to another user with the same problem and similar configuration but he didn't explain where the script is supposed to be placed on a mandrake 10 community setup.
# qwijibow code start:
# reset firewall
iptables -F
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
# allow loopback traffic
iptables -A INPUT -d lo -j ACCEPT
# un comment out if you want this machine to respond to pings
# iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
# allow established or related connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# un-comment out to trust all pc's on your lan.
#iptables -A INPUT -s 192.168.0.0/16 -j ACCEPT
# un comment out if this machine is a printer server, and you have NOT truested all machies on your lan
#iptables -A INPUT -p tcp --dport 631 -s 192.168.0.0/16 -j ACCEPT
# qwijibow code end
In my ignorance, I placed it in the shorewall start file as it states in that file that any commands that you want to be carried out after shorewall resets or starts should be in there. It did seem to work at first without booting the system and I thought everything was fixed but after a cold start it froze after going into KDE with just a mouse pointer.
I commented out my entries in the shorewall start file and rebooted and KDE started ok.
Can anyone tell me where a script like this is a) likely or b) supposed to go.
I won't hold anyone to ransom if it doesn't work as I'm prepared to experiment.
I would appreciate any help. Thanks
__________________
Registered Linux user #359285
http://counter.li.org/ qwijibow