SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have used Alien Bobs script generator to finally get the firewall on my laptop going. I KMyFirewall wouldn't work at all, it threw out all kinds of errors. GuardDog wouldn't let me get on the internet at all, a little too well guarded for my tastes. Anyhow, I used the script here and I am now up and running. My question is, since I am using a laptop I switch between a wired connection (eth0) and a wireless (wlan0), how do I put them both in the script? When I ran the generator I used eth0 in the Internet Interface field just to get it going. Can I even use the generator for more than one interface or do I have to edit the resulting script manually?
I could be wrong about this BUT, i am almost positive that any iptables you add are permanent. Not sure how the script inputs them but they should always stay there, even if you run the script once. So you could create another script to just add wlan0 to those rules aswell. might just be easy enough to replace eth0 with wlan0
You will most likely need to edit the script if you plan on using two different interfaces. But, if you plan on using the same rules for both interfaces you could remove the interface specification all together. This would then apply the rule to any interface I think.
Quick idea here only and my knowledge on iptables script is rather limited to say the least.
So do not use this until/unless you have already tried ways recommended by others.
If you do not get it working without both interface names in there:
(a possibility?): make another iptables script for your wlan0 interface.
Have the two (the eth0 and the wlan0) generated scripts saved as filename1 and filename2 on your hard drive.
Then diff those two (man diff; diff in bash; is it "kdiff" in KDE which is graphical)
copy/paste (combine) the two files based on the differences so that the result includes both what's common between the two and what's different (non repeat the common but include the common stuff once) *and* add in the difference from one file, add it to the other file.
But if one interface is not always active, at such time it is not active then (if you do my idea) errors might show during bootup when the firewall is activated (or thereabouts, I might have it slightly out of order since firewall likely is first then activate interface for use).
--
Alan.
OK I have tried the following and so far no wireless:
Comment out INET_IFACE="eth0" with the theory that it will apply to all connections -> no such luck.
Uncomment INET_IFACE="eth0" and add INET_IFACE="wlan0" -> also no luck
Comment out INET_IFACE="eth0" but leave INET_IFACE="wlan0" -> I though for sure that this would disable the wired connection and enable wireless. No wireless, didn't test wired.
I'm going to do some serious reading on IPTables today and see if I can find an answer.
OK I have tried the following and so far no wireless:
Comment out INET_IFACE="eth0" with the theory that it will apply to all connections -> no such luck.
Uncomment INET_IFACE="eth0" and add INET_IFACE="wlan0" -> also no luck
Comment out INET_IFACE="eth0" but leave INET_IFACE="wlan0" -> I though for sure that this would disable the wired connection and enable wireless. No wireless, didn't test wired.
I'm going to do some serious reading on IPTables today and see if I can find an answer.
I did a quick scan through the script. Commenting out INET_IFACE="eth0" will only serve to leave a bunch of "-i" parameters without an argument which will give you an error.
Find the commands with "-i INET_IFACE" and remove that portion from the command and it should apply to all interfaces.
But, if it didn't work on the wireless interface by adding INET_IFACE="wlan0", my guess is that it probably won't solve your problem.
I restarted the computer to be sure the script was run after each time I changed it. I think tonight I am going to try turning off the firewall completely and see what happens. I just want to be sure I am actually attacking the problem or is there something else causing the trouble. There is a section of the script that removes the firewall completely each time it is run, I'm going to copy out that section and put it into it's own script to hopefully return the computer to normal. From there I'll put stuff back and see where it breaks.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.