09-19-2006, 06:00 PM
|
#1
|
Member
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146
Rep:
|
Should I disable netfilter, or just remove /etc/rc.firewall
I'm having a DHT Firewalled in azureus. I'm trying to
eliminate all possibilities of firewall software executing.
Not sure if removing /etc/rc.firewall would be
enough, or do I have to disable netfilter in the kernel...
I have:
.Ports on Linksys router needed for TCP/UDP opened
.Ports on 2Wire router needed for TCP/UDP opened
.Azureus removed/reinstalled
|
|
|
09-20-2006, 06:29 AM
|
#2
|
Member
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146
Original Poster
Rep:
|
Anyone? ... Please ...
|
|
|
09-20-2006, 06:33 AM
|
#3
|
Moderator
Registered: May 2001
Posts: 29,415
|
You better find out which ports it blocks instead of opening up your box to teh intarweb.
|
|
|
09-20-2006, 04:33 PM
|
#4
|
Member
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146
Original Poster
Rep:
|
thanks.
You mean, I shouldn't remove iptables. Instead I
should configure it. ...?
|
|
|
09-20-2006, 07:14 PM
|
#5
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by mokele
thanks.
You mean, I shouldn't remove iptables. Instead I
should configure it. ...?
|
yes, i'm pretty sure that's what he means... even if you have a router and stuff, having your iptables properly configured locally is always a good idea... that said, if you wanna disable your firewall on slackware, you don't need to delete your rc.firewall (or make any changes to the kernel) - you basically just need to make it non-executable, like:
Code:
chmod a-x /etc/rc.d/rc.firewall
then upon reboot, your firewall will be disabled (no rules and all policies set to ACCEPT)... if you wanna reset your firewall without having to reboot after doing the chmod, run this script:
Code:
#!/bin/sh
IPT="/usr/sbin/iptables"
# Set the default policy of every built-in chain to ACCEPT (filter table)
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
# Same for the mangle table
$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P INPUT ACCEPT
$IPT -t mangle -P FORWARD ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -t mangle -P POSTROUTING ACCEPT
# Same for the nat table
$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT
# Flush all rules in each table
$IPT -F
$IPT -F -t nat
$IPT -F -t mangle
# Delete all user-defined chains in each table
$IPT -X
$IPT -X -t nat
$IPT -X -t mangle
remember that running without a firewall is a very bad idea!!!
my suggestion would be that you post your rc.firewall and see if you can get some feedback on what you need to do in order for your software to work properly...
|
|
|
09-20-2006, 08:47 PM
|
#6
|
Member
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146
Original Poster
Rep:
|
hmmm...Very good info win32sux.
Looking at what you posted I noticed rc.firewall located
at /etc/rc.d/
Now I'm realizing that maybe I've never had iptables
configured, not even for a basic protection because
I don't have an rc.firewall in /etc/rc.d/
I installed guarddog just to try configuring something
on my slack box from GUI for the first time. I just
don't get used to it. I think I'm going to try learning
this like every other stuff; CLI.
Now. Something I learned from the little I did with
guarddog is that rc.firewall is stored at /etc/
Is this a soft link to /etc/rc.d/rc.firewall?, Or is
it the location guarddog uses?
Anyways I have a lot of reading to do I'll post the outcome
-W
|
|
|
09-20-2006, 08:52 PM
|
#7
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
not sure about guarddog's location preference... all i know is that the slackware startup scripts will look for /etc/rc.d/rc.firewall by default...
to check your current/active firewall rules just do a (as root): post the output if you want...
by running this command you can be sure of exactly what your firewall is currently doing...
Last edited by win32sux; 09-20-2006 at 08:53 PM.
|
|
|
09-20-2006, 09:07 PM
|
#8
|
Member
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146
Original Poster
Rep:
|
Code:
Chain INPUT (policy ACCEPT 115K packets, 9862K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 158K packets, 188M bytes)
pkts bytes target prot opt in out source destination
That's the output win32sux. Correct me on this one
I just want to know if I understand your suggested
command output.
It means I have something like a DMZ?
|
|
|
09-20-2006, 09:09 PM
|
#9
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by mokele
Code:
Chain INPUT (policy ACCEPT 115K packets, 9862K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 158K packets, 188M bytes)
pkts bytes target prot opt in out source destination
That's the output win32sux. Correct me on this one
I just want to know if I understand your suggested
command output.
It means I have something like a DMZ?
|
it means your box doesn't have any firewall rules running on it... you aren't filtering any packets - everything is being allowed in and out... =/
you can rest assured the issue isn't caused by the local firewall... it has to be something else... your router perhaps?? software configuration?? not sure...
Last edited by win32sux; 09-20-2006 at 09:13 PM.
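An added example, not part of the original thread: a small shell check that reads an iptables listing such as the one posted above and reports whether the filter table is doing any filtering. The function names and the second sample listing are constructed for illustration; on a live box the input would come from the listing command run as root.

```shell
#!/bin/sh
# Added example: summarize `iptables -L -n -v` output (filter table only;
# nat and mangle need their own -t listing). Reads the listing on stdin.
summarize_chains() {   # prints "<chain> <policy> <rule-count>" per chain
    awk '
        /^Chain / {
            if (chain != "") print chain, policy, rules
            chain = $2; rules = 0
            # Built-in chains carry "(policy X"; user chains show references.
            policy = ($3 == "(policy") ? $4 : "-"
            sub(/\)$/, "", policy)
            next
        }
        /^[ \t]*pkts[ \t]/ || /^[ \t]*target[ \t]/ || /^[ \t]*$/ { next }
        chain != "" { rules++ }
        END { if (chain != "") print chain, policy, rules }
    '
}

# Exit 0: no rules and every policy ACCEPT (nothing is filtered).
# Exit 1: at least one rule or a non-ACCEPT policy. Exit 2: no chains parsed.
is_wide_open() {
    summarize_chains | awk '
        { n++ }
        $3 > 0 || ($2 != "-" && $2 != "ACCEPT") { filtering = 1 }
        END { if (!n) exit 2; exit (filtering ? 1 : 0) }
    '
}

# Listing posted in the thread: no rules, every policy ACCEPT.
LISTING_OPEN='Chain INPUT (policy ACCEPT 115K packets, 9862K bytes)
 pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 158K packets, 188M bytes)
 pkts bytes target prot opt in out source destination'

# Constructed listing (not from the thread): default-deny INPUT with two rules.
LISTING_FILTERED='Chain INPUT (policy DROP 12 packets, 720 bytes)
 pkts bytes target prot opt in out source destination
  340 41K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
 9100 8M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 158K packets, 188M bytes)
 pkts bytes target prot opt in out source destination'
printf '%s\n' "$LISTING_OPEN" | is_wide_open && echo "filter table: wide open"
printf '%s\n' "$LISTING_FILTERED" | is_wide_open || echo "filter table: filtering"
```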
|
|
|
09-20-2006, 09:26 PM
|
#10
|
Member
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146
Original Poster
Rep:
|
Right. But now I'm worried with a bigger concern.
-iptables- I'm betting my 2 bucks on the application.
It wasn't doing this before and I haven't changed anything
in my routers' config. About a week ago that little problem
started. Anyways now I'm more interested in solving my
iptables issue. I have something new to learn.
Thank you!! very much win.
-W
|
|
|
09-20-2006, 09:46 PM
|
#11
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by mokele
Right. But now I'm worried with a bigger concern.
-iptables- I'm betting my 2 bucks on the application.
It wasn't doing this before and I haven't changed anything
in my routers' config. About a week ago that little problem
started. Anyways now I'm more interested in solving my
iptables issue. I have something new to learn.
Thank you!! very much win.
-W
|
cool... if you have any question about iptables just ask... i'll gladly help you with whatever i can... good luck...
|
|
|
All times are GMT -5. The time now is 02:26 AM.