emilioestevezz Posted July 23, 2003 Report Share Posted July 23, 2003 Hi, i ve been looking further in my linux configuration and i discover that i have 2 firewalls interactivating in my host, heimdall firewall and shorewall, the question is can they work togheter or must they? and in case that i must remove heimdall how do i remove it??? Well thats all by know thanks. Emilio Quote Link to comment Share on other sites More sharing options...
Gowator Posted July 23, 2003 Report Share Posted July 23, 2003 That looks wrong ... First off is in not Heimdaal not heimdall ... Just from my Scandanavian spelling the former seems more likely but then so does hjemdaal Anyway, two firewalls is one to many... Shorewall does other stuff apart from being a firewall so be carefull. Also unless you have got your head round the config files from Mandrake I found the shorewall ones from their website much easier. You might have activated the other firewall accidentally in Webmin ... I know I was messing with it and it said 'hey you got shorewall, you don't really wanna do this' Anyway, once I stuck the shorewall config files and read their quickstart guide 5 mins it all made sense. I guess now I understand it I'd understand the Mdk config but I haven't the patience. Quote Link to comment Share on other sites More sharing options...
Gowator Posted July 23, 2003 Report Share Posted July 23, 2003 Or shorewall - My Way. Actually this is shorewall the shorewall way ... 1) Make sure you have webmin and its working ... 2) Stop shorewall with shorewall clear 3) Make sure you can access the internet from the PC you will be using as the firewall. If this doesn't work then it won't work with shorewall running either. 4) Work out which type of configuration you will use ... http://www.shorewall.net/ you need to work out according to the pictures in the quickstart guides. 5) Download the relevant quickstart guide .... follow the links as you read the documentation..... 6) Copy their sample config files over, you can save your mdk ones if you really want ... I did but never went back !!! 7) Thats worked for me ... Nothing clever .. I just followed the instructions .. 8) Now you can add anything fancy like allowing NFS from your other PC's to your firewall etc... I just used WEBMIN !!! Quote Link to comment Share on other sites More sharing options...
Gowator Posted July 23, 2003 Report Share Posted July 23, 2003 On my way home .... Will be on the firewall in 35-45 minutes if anything doesn't work :-) Quote Link to comment Share on other sites More sharing options...
iphitus Posted July 24, 2003 Report Share Posted July 24, 2003 Anyway, two firewalls is one to many...Shorewall does other stuff apart from being a firewall so be carefull. I had a friend who had more than 4 firewalls on his computer. It was running Windex, so he needed it. James Quote Link to comment Share on other sites More sharing options...
Gowator Posted July 24, 2003 Report Share Posted July 24, 2003 Seriously, One firewall should be plenty. You can block any port by protocol and run NAT.... Without the beast that is ActiveX you can choose exactly what is and what is not seen and modifiable/runable. Having two firewalls is just likely to be confusing ... ie. port 21 might be blocked by one, not the other ... if your also running a proxy server and remapping port 21 then thats likely to be confusing... In reality Do you want ftp? No .... turn it off Yes ... Do you want it within your internal network ... Allow port 21 for your internal zone Do you want it to the internet.... Allow port 21 from your internal to internet zones Do you want it from the internet .... etc. etc. Firewalls are enough problems to configure without having 2.... Quote Link to comment Share on other sites More sharing options...
iphitus Posted July 24, 2003 Report Share Posted July 24, 2003 I agree more than one is silly. I was just making a comment. Anyway i use shorewall and it works fine. I just configure it in MCC. James Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.