hippocampe (Author), Posted January 24, 2003
YES!!!!! It worked! 8) :D Thanks to all of you guys!
Guest ump, Posted January 25, 2003
Help! I have followed all the suggestions listed above. Removed iptables and Shorewall, then tried to install both again; still nothing. I have tried to install guarddog and firestarter, but both come up saying "Everything already installed", but I do a search and no files are found. I downloaded guarddog from the web and tried to install it. It came up with conflicts and aborted the install. I am at a complete loss. I have looked in MCC > System > Services. Iptables is not running but will not start, no errors given. Shorewall is running but not blocking anything. I have set iptables to start on boot and restarted, but it still shows as stopped. Any ideas? Please help, I'm going nuts here (and it's not a far trip) :wink:
Counterspy, Posted January 25, 2003
I am in the process of reinstalling all the updates after a ridiculous mistake while fooling with Parted. I do not use Mandrake update but discovered that the behaviour of an F3 console, a desktop console and package manager behaved differently with results similar to what you are saying about Guarddog and Firestarter with one but not another. I would try installing them after direct download first from big console (F3), small console (desktop) and package manager. Do the same with iptables after you remove it again. This may be just a peculiarity with my installation but I offer it as something that may be a solution.
Counterspy
hippocampe (Author), Posted January 25, 2003
ump, I think you should disable Shorewall when you want to run guarddog instead. Also, iptables is not shown as a running process even if it's working. I think it sets up filtering rules for the kernel at boot time, so it is normal if you see that iptables is stopped in MCC. That's what I also have and my firewall is working. For your conflicts, can you run guarddog in the console? If so, then guarddog is already installed as it says.
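Added example (not part of any post in this thread): a shell check, following the point above that iptables is a kernel ruleset rather than a running process, that reads `iptables -S` output to tell whether rules are loaded and which ports answer with REJECT. The sample rulesets and the function names `firewall_state` and `rejected_ports` are constructed for illustration.

```shell
#!/bin/sh
# Added example: read `iptables -S` output and report whether filter rules
# are loaded in the kernel, whatever a service panel says about "iptables".

# Constructed sample: output when no firewall ruleset is loaded.
SAMPLE_EMPTY='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

# Constructed sample: a loaded ruleset with a default-drop INPUT chain.
SAMPLE_LOADED='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with tcp-reset'

# firewall_state RULES -> drop | accept-with-rules | not-loaded
firewall_state() {
    printf '%s\n' "$1" | awk '
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" { rules++ }
        END {
            if (policy == "DROP") print "drop"
            else if (rules > 0) print "accept-with-rules"
            else print "not-loaded"
        }'
}

# rejected_ports RULES -> --dport values of INPUT rules that REJECT.
# A REJECT answers the probe, so a scanner reports the port as "closed";
# a DROP sends nothing back, which scanners report as "stealth"/"blocked".
rejected_ports() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" && $2 == "INPUT" {
            port = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport") port = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (target == "REJECT" && port != "") { out = out sep port; sep = " " }
        }
        END { print out }'
}

# On a live system (as root): firewall_state "$(iptables -S)"
echo "empty:  $(firewall_state "$SAMPLE_EMPTY")"
echo "loaded: $(firewall_state "$SAMPLE_LOADED"), rejects: $(rejected_ports "$SAMPLE_LOADED")"
```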
Guest ump, Posted January 26, 2003
I turned off Shorewall, went to console and tried to start guarddog: nothing. Also su to root and tried: still nothing. Any other suggestions? And thanks for the update regarding iptables, at least that rules that out as the problem.
ump
sglafata, Posted January 27, 2003
To all who have posted here, Shorewall will not run as desired out of the box. I found this out when I experienced similar problems as posted here. My solution was to go to the Shorewall website, www.shorewall.org, and follow their configuration instructions. Once everything was set up, Shorewall worked perfectly for me and has ever since. From what I understand, Bastille is incompatible with LM9.0. Why? I have no idea, but this is a known issue. However, now that it has support for RedHat 8.0, I'm sure a solution for LM9.0 is around the corner.
sglafata, Posted January 27, 2003
Oops!! That's www.shorewall.net for the Shorewall website. Sorry about that.
Guest ump, Posted January 27, 2003
sglafata, thanks for the info. Will check it out and report back in a couple of days.
ump
Michel, Posted January 29, 2003
Because the controls in Mandrake for Shorewall didn't work, I had to set it up manually. After I read the manual a little bit, it works now. Like someone said here... I thought that my rpc-port was closed, but it was open... maybe because ALLOWRELATED=yes. (I clicked to scan....???) Now the problem: Anyway, you can view your syslog for Shorewall info and there you can view which IP and protocol your ISP uses to set up the communication. For me the protocol is udp. (You just have to add then ACCEPT net:IP-address ..... these outgoing connections in your rules-file in /etc/shorewall). I don't know if it is so good, but I only accept outgoing connections. I think this is the safest. I suppose ALLOWRELATED will make sure that any connections I want (I asked) will be allowed. If this is not a good idea, anyone please tell me!
Guest ump, Posted January 30, 2003
Well, went over to shorewall.net, read the instructions for one-interface setup, copied the files as stated in the instructions, but I am still at the same point I have always been at: my ports show closed to blocked. Am I using the wrong instructions? I connect via cable, which is attached to a router w/ built-in NAT that is then connected to my computer. Yes, I am feeling real stupid right now. It should not be this hard.
ump
sglafata, Posted January 30, 2003
Did you manually edit the files for your situation? In my case, the only file that I really had to edit was the /etc/shorewall/rules file. What problem are you experiencing or do you feel is wrong? I have a few ports marked as Blocked, but most are in Stealth mode. Is that what you feel you should have? What is your output when you run: service shorewall start (or restart)? Is there anything in the output that you feel is not right? Are you on a cable modem, DSL or dial-up? Do you still have the other firewalls installed that may be conflicting with Shorewall or maybe have modified your firewall script or IPTables file? If so, I suggest removing all firewall packages and starting with just one and work on that one. You're right, it shouldn't be this difficult. :?
Guest ump, Posted January 30, 2003
I went to the Shorewall page as you suggested and followed the instructions for one-interface setup. I copied the files it stated to copy into /etc/shorewall. According to what I have read, when running in stealth mode all ports should come up as blocked, but most of mine just come up as closed. I have cable internet; the cable modem goes into my DSL/cable router, then into my box. When I start or stop Shorewall I do it via MCC. It shows a few things but no errors. As far as having multiple firewall programs installed, I honestly don't know. I have tried to install guarddog and firestarter both, but I get an error saying they are already installed, but if I go to uninstall them I get a message saying the files aren't there. If I go and try to find the files again I get no results. I have tried uninstalling Shorewall and iptables, then trying to install guarddog and firestarter: same thing. I have downloaded guarddog instead of going from the CD; I get a message stating it conflicts and installation is aborted.
ump
sglafata, Posted January 30, 2003
Does your router have a built-in firewall and if so, are you utilizing it? Maybe your Shorewall config is correct, but your router's firewall is blocking the ports? Did you edit the Shorewall files at all? Or did you leave them as is? I have been experiencing the same problems with your uninstall/install issues since I switched to LM9.0. I still have to figure that one out, but I think it has to do with the "security" and "bugfix" updates. They do not seem to be stable enough. Again, another post! I do not stop and start from MCC. I have never liked the firewall feature of MCC. I always do it from the console. Also, if you do it from the console, you can see some output. Type: service shorewall <stop/start/restart> See what you get. If all looks well, I would bet it's your router. Try testing the ports with the router and without and see if there's a difference.