LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 05-27-2006, 08:45 AM   #1
adityavpratap
Member
 
Registered: Dec 2004
Location: Hyderabad, India
Distribution: Slackware 13, Ubuntu 12.04
Posts: 440

Rep: Reputation: 32
unable to configure firewall using IPTABLES


Hi friends,
I have been trying to set up a firewall using IPTABLES as per the method described in the following link -
http://www.howtoforge.net/custom_iptables_firewall
However, I think that the method described is RedHat specific, or atleast it requires some modifications to be adopted for Slackware. For example the firewall.iptables script must be rc.firewall.iptables located in /etc/ instead of /etc/init.d/, (I hope I am not wrong).
However, chkconfig is not found on my installation of Slackware 10.1. I have been trying to locate the package without any success.
Besides after having followed the procedure described in the link mentioned supra, when I do -
$ sudo /etc/rc.firewall.iptables start
I get the following rather lengthy output on my terminal and the firewall prevents all access to internet. Here is the output -
Quote:
Starting Firewall services
firewall: Configuring Firewall Rules using iptables
Bad argument `DROP'
Try `iptables -h' or 'iptables --help' for more information.
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Banned address/network file not found.
firewall: IANA-reserved address/network file not found.
firewall: Local rules file not found.
firewall: Outbound ping enabled
firewall: Inbound ping enabled
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: DNS client enabled
firewall: ** No secondary DNS configured **
firewall: DNS Full server enabled
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Auth client enabled
iptables: Unknown error 4294967295
firewall: Auth server enabled
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: SMTP Local server enabled
iptables: Unknown error 4294967295
firewall: Remote site any/0 may access local POP-3 server
/etc/rc.firewall.iptables: line 963: [: -gt: unary operator expected
/etc/rc.firewall.iptables: line 990: [: -gt: unary operator expected
/etc/rc.firewall.iptables: line 1058: [: -gt: unary operator expected
/etc/rc.firewall.iptables: line 1084: [: -gt: unary operator expected
iptables v1.3.5: host/network `my.news.server' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.5: host/network `my.news.server' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.5: host/network `my.news.server' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.5: host/network `my.news.server' not found
Try `iptables -h' or 'iptables --help' for more information.
firewall: Clients may access remote NNTP server: my.news.server
iptables v1.3.5: host/network `your.snews.server' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.5: host/network `your.snews.server' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.5: host/network `your.snews.server' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables v1.3.5: host/network `your.snews.server' not found
Try `iptables -h' or 'iptables --help' for more information.
firewall: Clients may access remote secure NNTP server: your.snews.server
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote TELNET servers
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote SSH servers
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Remote site any/0 may access local SSH server
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote FTP servers
iptables: Unknown error 4294967295
firewall: Clients may access remote HTTP servers
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Remote client any/0 may access local HTTP server
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote HTTPS servers
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote FINGER servers
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote WHOIS servers
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote GOPHER servers
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote WAIS servers
iptables: Unknown error 4294967295
firewall: Real Video client enabled
iptables: Unknown error 4294967295
iptables: Unknown error 4294967295
firewall: Clients may access remote PPTP servers
firewall: Outbound TRACEROUTE enabled
firewall: Inbound TRACEROUTE enabled
firewall: NTP Client enabled
firewall: ICQ Client enabled
firewall: Masquerading internal network
done
Being a total newbie in this regards, I am unable to make either head or tail of this.
When I google for "iptables: Unknown error 4294967295" I found a site that suggested that I recompile the kernel with the parameter CONFIG_IP_NF_TARGET_NETMAP=y in the relevant .config.
However the error message fails to go away even after I recompiled the kernel as suggested.
I hope somebody out there can help me out.
 
Old 05-27-2006, 09:02 AM   #2
dennisk
Member
 
Registered: May 2004
Location: Southwestern USA
Distribution: CentOS
Posts: 279

Rep: Reputation: 30
Slackware looks for a firewall scrift in /etc/rc.d/rc.firewall. A good starter firewall for a typical desktop machine is Brian Hatch's 10 Minute firewall. You can find the script here http://www.hackinglinuxexposed.com/a.../20030709.html

Make the script executable with
Quote:
chmod a+x /etc/rc.d/rc.firewall
and then restart iptables with
Quote:
/etc/rc.d/rc.firewall restart
That's it.

dennisk
 
Old 05-27-2006, 09:09 AM   #3
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559

Rep: Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116
Another way to create a rc.firewall script is to open http://www.slackware.com/~alien/efg/ where you find the "Easy firewall Generator" slightly modified so that the generated script works with Slackware.
Just answer a few basic questions about your server setup, and the script will be generated - you can copy and paste it into a file called /etc/rc.d/rc.firewall (this specific filename and none other).
If you do
Code:
chmod +x /etc/rc.d/rc.firewall
then the Slackware init scripts will automatically run it when your computer boots.

Eric
 
Old 05-27-2006, 12:19 PM   #4
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Rep: Reputation: 45
also, make sure to 'chmod +x /etc/rc.d/rc.ip_forward' if your firewall will also be serving as a router for other computers on the local network.

regards,
...drkstr
 
Old 05-27-2006, 11:12 PM   #5
adityavpratap
Member
 
Registered: Dec 2004
Location: Hyderabad, India
Distribution: Slackware 13, Ubuntu 12.04
Posts: 440

Original Poster
Rep: Reputation: 32
Thanks to your prompt replies, I have now got a working firewall. :-)
 
Old 05-29-2006, 11:21 AM   #6
nutronix
Member
 
Registered: Jan 2003
Location: montreal
Distribution: Debian Ubuntu & Slackware
Posts: 142
Blog Entries: 1

Rep: Reputation: 20
thank you guys i got it working too....good thread
 
  


Reply

Tags
firewall


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables with iptables-firewall.conf arno's matt3333 Slackware 16 06-28-2007 08:20 AM
IPTables Firewall + Unable to surf locally yvesg Linux - Networking 5 08-10-2005 03:32 PM
how to configure my firewall cd1680 Linux - Security 11 03-17-2005 09:41 PM
do I need to configure firewall? totti10 Mandriva 5 10-24-2004 03:37 PM
how to configure a firewall (iptables) to let me use a email server behind it? jorgelopez100 Linux - Networking 1 03-26-2004 10:49 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 09:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration