LinuxQuestions.org
Slackware This Forum is for the discussion of Slackware Linux.

Old 10-12-2004, 04:12 AM   #1
rakesh_em
LQ Newbie
 
Registered: Sep 2004
Location: India
Distribution: Slackware,Mandrake,Fedora
Posts: 14

Rep: Reputation: 0
firewall configuration


What firewalls come with Slackware?
How do you configure them? If there is any link to web pages on how to do it, that would be welcome.
How do you configure iptables to start along with the system boot?
Please do help.
 
Old 10-12-2004, 04:24 AM   #2
redjokerx
Member
 
Registered: Aug 2004
Location: San Diego
Distribution: Slackware
Posts: 303

Rep: Reputation: 31
You can use iptables to filter your traffic. You put your firewall stuff in /etc/rc.d/rc.firewall and make sure it's executable.
 
Old 10-12-2004, 04:26 AM   #3
gbonvehi
Senior Member
 
Registered: Jun 2004
Location: Argentina (SR, LP)
Distribution: Slackware
Posts: 3,145

Rep: Reputation: 53
Here's the tutorial where I learned to use iptables (of course, it was only the base, I did more research after that): http://yolinux.com/TUTORIALS/LinuxTu...rkGateway.html
 
Old 10-12-2004, 04:34 AM   #4
rakesh_em
LQ Newbie
 
Registered: Sep 2004
Location: India
Distribution: Slackware,Mandrake,Fedora
Posts: 14

Original Poster
Rep: Reputation: 0
Thanks for that link. Sorry redjokerx, I am kind of a newbie. I wanted to know how iptables could be enabled during boot time, as well as whether the default configuration, if any, is useful enough. I don't know how you do it in the rc.firewall file.
 
Old 10-12-2004, 04:48 AM   #5
rotvogel
Member
 
Registered: Oct 2003
Posts: 534

Rep: Reputation: 30
There is no default configuration for iptables in Slackware. What you can do is search the forum and the Internet for firewall scripts. You will find a lot of them. Configure the script of your choice, name it /etc/rc.d/rc.firewall, make it executable and you're done.

I use http://muse.linuxmafia.org/gshield/ but there are many other good ones out there. A search on this forum will result in a number of possibilities.
 
Old 10-13-2004, 08:14 AM   #6
erraticassassin
Member
 
Registered: Feb 2004
Distribution: Slackware 13.1
Posts: 131

Rep: Reputation: 18
For a 'set and forget' option, go to linuxpackages.net and pick up Firestarter. Simple to run and pretty solid if you don't have time to write your own firewall scripts. Plus the guy who wrote it was really helpful when I had a couple of queries, which is always nice.
 
Old 10-13-2004, 07:43 PM   #7
redjokerx
Member
 
Registered: Aug 2004
Location: San Diego
Distribution: Slackware
Posts: 303

Rep: Reputation: 31
I ended up writing my own script... :-) called pfwall, then, in my rc.firewall script it goes

Code:
echo "Starting up the firewall..."
# rc.inet2 wants rc.firewall start eh, why the hell not?
start()
{
        echo "Starting with a clean slate"
        pfwall close
        echo "Opening stuff up"
        pfwall dns
        pfwall ping
        pfwall out
        # turn on for servers
        pfwall ssh open in
}

stop()
{
        pfwall open
}

case "$1" in
   'start')
      start ;;
   'stop')
      stop ;;
   'restart')
      stop;start ;;
   *)
      echo "usage $0 start|stop|restart" ;;
esac

I haven't bothered to learn how to set up ICMP filtering correctly.

My basic rules were
Code:
echo "Closing everything!"
# flush rules, delete user chains, zero counters, then default-deny
iptables -F
iptables -X
iptables -Z
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
...
echo "Enabling outgoing " $1 " from port " $2
iptables -A INPUT  -p "$1" --sport "$2" -j ACCEPT
iptables -A OUTPUT -p "$1" --dport "$2" -j ACCEPT

...

# proto port
echo "Enabling incoming  " $1 " from port " $2
iptables -A INPUT  -p "$1" --dport "$2" -j ACCEPT
iptables -A OUTPUT -p "$1" --sport "$2" -j ACCEPT
...

$1 is the protocol, and $2 is the port.

I had iptables drop everything first, then I started opening. So those are what I used to open stuff. rc.firewall calls pfwall and tells it to open or close certain ports for certain protocols. I think I'll add a .conf file for it to read off of next time if I get around to doing it.

Good luck
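
A stateful variant of the open/close helpers in the post above, as an added example that is not part of the original post or of the pfwall script: return traffic is admitted by connection tracking rather than by a rule that matches on source port alone, so only packets belonging to a connection a rule has already allowed are accepted. The function names, the IPT dry-run variable and the list of opened ports are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): stateful open/close helpers.
# IPT defaults to a dry run that prints each command; run as root with
# IPT=iptables to apply. Function names and IPT are hypothetical.
IPT=${IPT:-"echo iptables"}

valid() {   # proto must be tcp or udp, port an integer in 1-65535
    case "$1" in tcp|udp) ;; *) return 1 ;; esac
    case "$2" in ''|*[!0-9]*) return 1 ;; esac
    [ "$2" -ge 1 ] && [ "$2" -le 65535 ]
}

fw_close() {
    $IPT -F
    $IPT -X
    $IPT -Z
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT DROP
    # Loopback, then replies to connections a rule below has admitted
    $IPT -A INPUT  -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT
    $IPT -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

fw_out() {  # allow new outgoing connections: fw_out proto port
    valid "$1" "$2" || { echo "bad rule: $1 $2" >&2; return 1; }
    $IPT -A OUTPUT -p "$1" --dport "$2" -m conntrack --ctstate NEW -j ACCEPT
}

fw_in() {   # allow new incoming connections: fw_in proto port
    valid "$1" "$2" || { echo "bad rule: $1 $2" >&2; return 1; }
    $IPT -A INPUT -p "$1" --dport "$2" -m conntrack --ctstate NEW -j ACCEPT
}

fw_start() {
    fw_close
    fw_out udp 53    # DNS
    fw_out tcp 53
    fw_out tcp 80    # constructed sample of outgoing services
    fw_out tcp 443
    fw_in  tcp 22    # turn on for servers, as in the post
}

# "start" prints the rule set (dry run) or applies it (IPT=iptables)
if [ "${1:-}" = "start" ]; then fw_start; fi
```

Saved as /etc/rc.d/rc.firewall and made executable, it is called with `start` at boot as described earlier in the thread; review the dry-run output before setting IPT=iptables.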
 
Old 10-13-2004, 07:48 PM   #8
redjokerx
Member
 
Registered: Aug 2004
Location: San Diego
Distribution: Slackware
Posts: 303

Rep: Reputation: 31
I might redo it since the link posted earlier might be simpler.
 
Old 10-13-2004, 08:32 PM   #9
fcaraballo
Member
 
Registered: Feb 2004
Location: WA
Distribution: Slackware
Posts: 230

Rep: Reputation: 31
Another good script is here. Just download it, move it to /etc/rc.d and make it executable. On your next reboot it will load.

MagicMan
 
Old 10-13-2004, 08:58 PM   #10
judas_iscariote
LQ Newbie
 
Registered: Oct 2004
Posts: 5

Rep: Reputation: 0
I use Shorewall, a really good script and easy to use.
 
  

