LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-19-2006, 06:00 PM   #1
mokele
Member
 
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146

Rep: Reputation: 15
Should I disable netfilter, or just remove /etc/rc.firewall


I'm having a DHT Firewalled in azureus. I'm trying to
eliminate all posibilities of firewall software executing.

Not sure if I by removing /etc/rc.firewall would be
enough, or do I have to disable netfilter in the kernel...

I have:
.Ports on Linksys router needed for TCP/UDP opened
.Ports on 2Wire router neeeded for TCP/UDP opened
.Azureus removed/reinstalled
 
Old 09-20-2006, 06:29 AM   #2
mokele
Member
 
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146

Original Poster
Rep: Reputation: 15
Anyone? ... Please ...
 
Old 09-20-2006, 06:33 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
You better find out which ports it blocks instead of opening up your box to teh intarweb.
 
Old 09-20-2006, 04:33 PM   #4
mokele
Member
 
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146

Original Poster
Rep: Reputation: 15
thanks.

You mean, I shouldn't remove iptables. Instead I
should configure it. ...?
 
Old 09-20-2006, 07:14 PM   #5
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by mokele
thanks.

You mean, I shouldn't remove iptables. Instead I
should configure it. ...?
yes, i'm pretty sure that's what he means... even if you have a router and stuff, having your iptables properly configured locally is always a good idea... that said, if you wanna disable your firewall on slackware, you don't need to delete your rc.firewall (or make any changes to the kernel) - you basically just need to make it non-executable, like:
Code:
chmod a-x /etc/rc.d/rc.firewall
then upon reboot, your firewall will be disabled (no rules and all policies set to ACCEPT)... if you wanna reset your firewall without having to reboot after doing the chmod, run this script:
Code:
#!/bin/sh

IPT="/usr/sbin/iptables"

$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT

$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P INPUT ACCEPT
$IPT -t mangle -P FORWARD ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -t mangle -P POSTROUTING ACCEPT

$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT

$IPT -F
$IPT -F -t nat
$IPT -F -t mangle

$IPT -X
$IPT -X -t nat
$IPT -X -t mangle
remember that running without a firewall is a very bad idea!!!

my suggestion would be that you post your rc.firewall and see if you can get some feedback on what you need to do in order for your software to work properly...
 
Old 09-20-2006, 08:47 PM   #6
mokele
Member
 
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146

Original Poster
Rep: Reputation: 15
hmmm...Very good info win32sux.

Looking at what you posted I noticed rc.firewall located
at /etc/rc.d/

Now I'm realizing that may be I've never had iptables
configured, not even for a basic protection because
I don't have an rc.firewall in /etc/rc.d/

I installed guarddog just to try configuring something
on my slack box from GUI for the first time. I just
don't get use to it. I think I'm going to try learning
this like every other stuff; CLI.

Now. Something I learned from the little I did with
guarddog is that rc.firewall is stored at /etc/

Is this a soft link to /etc/rc.d/rc.firewall?, Or is
it the location guarddog uses?

Anyways I have a lot of reading to do I'll post the outcome

-W
 
Old 09-20-2006, 08:52 PM   #7
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
not sure about guarddog's location preference... all i know is that the slackware startup scripts will look for /etc/rc.d/rc.firewall by default...

to check your current/active firewall rules just do a (as root):
Code:
iptables -L -v -n
post the output if you want...

by running this command you can be sure of exactly what your firewall is currently doing...

Last edited by win32sux; 09-20-2006 at 08:53 PM.
 
Old 09-20-2006, 09:07 PM   #8
mokele
Member
 
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146

Original Poster
Rep: Reputation: 15
Code:
Chain INPUT (policy ACCEPT 115K packets, 9862K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 158K packets, 188M bytes)
 pkts bytes target     prot opt in     out     source               destination
That's the output win32sux. Correct me on this one
I just want to know if I understand your suggested
command output.

It means I have something like a DMZ?
 
Old 09-20-2006, 09:09 PM   #9
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by mokele
Code:
Chain INPUT (policy ACCEPT 115K packets, 9862K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 158K packets, 188M bytes)
 pkts bytes target     prot opt in     out     source               destination
That's the output win32sux. Correct me on this one
I just want to know if I understand your suggested
command output.

It means I have something like a DMZ?
it means your box doesn't have any firewall rules running on it... you aren't filtering any packets - everything is being allowed in and out... =/

you can rest assured the issue isn't caused by the local firewall... it has to be something else... your router perhaps?? software configuration?? not sure...

Last edited by win32sux; 09-20-2006 at 09:13 PM.
 
Old 09-20-2006, 09:26 PM   #10
mokele
Member
 
Registered: Jan 2005
Location: Puerto Rico
Distribution: Slackware 13
Posts: 146

Original Poster
Rep: Reputation: 15
Right. But now I'm worried with a bigger concern.
-iptables- I'm betting my 2 bucks on the application.
It wasn't doing this before and I havent change anything
in my routers config. About a week ago that little problem
started. Anyways now I'm more interested in solving my
iptables issue. I have something new to learn.

Thank you!! very much win.

-W
 
Old 09-20-2006, 09:46 PM   #11
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by mokele
Right. But now I'm worried with a bigger concern.
-iptables- I'm betting my 2 bucks on the application.
It wasn't doing this before and I havent change anything
in my routers config. About a week ago that little problem
started. Anyways now I'm more interested in solving my
iptables issue. I have something new to learn.

Thank you!! very much win.

-W
cool... if you have any question about iptables just ask... i'll gladly help you with whatever i can... good luck...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Do I really need a netfilter/firewall? Trijicon Linux - Security 6 10-15-2005 04:58 PM
How do I disable or remove KsCD? bfair Linux - General 8 03-07-2005 11:36 AM
Is iptables/netfilter stateful inspection firewall ? newbieA Linux - Security 3 02-11-2005 08:32 PM
Need to disable/remove all firewalls...nothing seems to work jslmg Linux - Networking 24 06-06-2004 07:27 PM
Firewall, netfilter, iptables...? snowbaby Linux - Security 9 08-13-2002 03:22 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration