Guest Joe Noob Posted August 23, 2003 Report Share Posted August 23, 2003 Ok I get the dsl up (rp-ppoe rocks) but only without a firewall. Here's the readers digest version: DSL up and can surf no problem, start shorewall and then I cant connect, add checks to more stuff in the shorewall gui and still cant connect.Ok so I shut down shorewall and download Guarddog ( I used guarddog with 9.0) Iset it up the same as before and cant connect , put a check by more stuff ie opened more ports, and still cant connect , gasp, shut down guarddog try to connect and no go huh? run the netconf. wizard again and yep you guessed it "cant connect" So anyone have any tips, tricks or links to lit alone with the inevitable RTFM that I do deserve but I was just too excited with my new DSL to do google. Thanx in advance Quote Link to comment Share on other sites More sharing options...
MottS Posted August 23, 2003 Report Share Posted August 23, 2003 http://www.mandrakeusers.org/viewtopic.php...p?p=46183#46183 If you wanna try another firewall you have to do: 1) uninstall shorwall 2) uninstall iptable 3) reinstall iptable 4) reinstall the desired firewall (in your case Guarddog) It is so because Shorwall modifies iptable when you first install it and it does not put back iptable at it's initial state when you uninstall it. It would be simpler to configure Shorewall correctly. Here is what I would have for a 1 interface system: net ppp0 detectloc eth0 detect fw net ACCEPT <--THIS LINE IS IMPORTANT!!!!!!!!!net all DROP net Net Internet zoneloc Local Local By default you surely have something in /etc/shorewall/rules .. what is it? What is the output of 'ifconfig' when you are connected to the net and you think you could access it? Did you restart shorewall after playing with the config files (type 'service shorewall restart' as root) ? ... MOttS Quote Link to comment Share on other sites More sharing options...
Guest Joe Noob Posted August 24, 2003 Report Share Posted August 24, 2003 Thanx for the reply, good stuff to know, Im writing this on the way out the door but I'll be making some time tomarrow to play with it and I want to read up on firewalls a little. Just the very basics , I'm a Gui kinda guy. Thanks again Joe Quote Link to comment Share on other sites More sharing options...
Guest Joe Noob Posted August 24, 2003 Report Share Posted August 24, 2003 A quick question , in Motts Shorewall how to in the FAQ links he states , I think, that if you dont whant to run a server that just installing shorewall is all you have to do? Because after I installed it the dsl worded fine but i opened the shorewall GUI and it had a check next to disabled .So i thought the firewall was "disabled" or did that mean server activity was disabled?? Ok dig it I'm not having an easy time with this firewall stuff , Im using a laptop But no network , no servers ( i dont think?), just one ethernet card ( I think), basically its just me,the laptop,the dsl modem and a phone jack. Are there any tutorials that just cover that , cause theres alot of lit out there on firewalls but it all for routers, dns servers wireless networking connecting to your own computer from somewhere else. Please someone stop the maddness Quote Link to comment Share on other sites More sharing options...
MottS Posted August 24, 2003 Report Share Posted August 24, 2003 This is the DOC on the Shorewall website about standalone system (1 interface): http://shorewall.net/standalone.htm But personnaly I would just uninstall shorewall and iptable and then reinstall iptable... DONT REINSTALL SHOREWALL. If you just connect to the net time to time and you don't run any server, YOU DONT NEED A FIREWALL. There are lots of other targets outhere (windows machine + servers) so chances that you are attacked and they succeded are really low .. even impossible. MOttS Quote Link to comment Share on other sites More sharing options...
Guest Joe Noob Posted August 24, 2003 Report Share Posted August 24, 2003 Oh not imposible , I had it happen already so i did the netstat deal and dude paniced and messed up my system on the way out. I really would feel better having a firewall I actually tried to read that page but I need to clear somethings up : The firewall has a single network interface. Where Internet connectivity is through a cable or DSL "Modem", the External Interface will be the ethernet adapter (eth0) that is connected to that "Modem" unless you connect via Point-to-Point Protocol over Ethernet (PPPoE) or Point-to-Point Tunneling Protocol (PPTP) in which case the External Interface will be a ppp0. If you connect via a regular modem, your External Interface will also be ppp0. If you connect using ISDN, your external interface will be ippp0.My connection is through a dsl modem thats connected to my ethernet adapter i think (the rj46 on the back of my laptop) and im pretty sure yhat its a PPPoE So is it a eth0 or pppo Quote Link to comment Share on other sites More sharing options...
MottS Posted August 24, 2003 Report Share Posted August 24, 2003 Your external connection is ppp0. So in /etc/shorewall/interfaces, you have to change net eth0 detect norfc1918,routefilter,dhcp for net ppp0 - norfc1918,routefilter NOTICE: I put a '-' instead of 'detect' and I removed 'dhcp' 8) You are doing good man .. !! MOttS Quote Link to comment Share on other sites More sharing options...
Guest Joe Noob Posted August 26, 2003 Report Share Posted August 26, 2003 Thanks I appreciate the encouragment as well as the help especially the help , as a carpenter that was lucky to pass high school some times I have to read the same paragragh two or three times and you still go, HUH Huh what But Im like the gum on the bottom of the shoe of Linux , it just cant get rid of me :lol: I'll have to use that tomarrow , but right now its back to FOOOTTBAAALLL thanx again Joe Quote Link to comment Share on other sites More sharing options...
Guest Joe Noob Posted September 5, 2003 Report Share Posted September 5, 2003 MottS thanks for all your help. I am behind a firewall using linux to surf. Unfortunatly not with shorewall , for now, but Im still reading docs. Take care Joe Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.