kilimanjaro Posted November 3, 2003 Report Share Posted November 3, 2003 I have been having a problem with all the firewalls I have tried (firestarter, guarddog, shorewall). When ever I try to use one it stops all traffic to the net. I can't even use http. I have tried configureing shorewall. I have set the protocols on guarddog. I just tried to set the rules shorewall, and I don't really know how. I tried Kate, but i don't know where or what goes in the rules. I have been using mandrake 9.1 since july and I have never had a firewall work right and I cannot use one right now. I have tried th gui for shorewall and it just cuts off nete traffic. I looked under FAQ, but I don't know how to use the editors. Quote Link to comment Share on other sites More sharing options...
spinynorman Posted November 3, 2003 Report Share Posted November 3, 2003 What happened with the iptables instructions I PM'ed to you? :huh: Quote Link to comment Share on other sites More sharing options...
kilimanjaro Posted November 3, 2003 Author Report Share Posted November 3, 2003 I accidentally erased all my pms. I am not really comfortable with command line yet, so I was kind of scared to do anything with it. Quote Link to comment Share on other sites More sharing options...
spinynorman Posted November 3, 2003 Report Share Posted November 3, 2003 The worst that can happen with iptables is that you won't have a working firewall, which you don't have already... I'll resend the message. Give it a try. :) Quote Link to comment Share on other sites More sharing options...
linux_learner Posted November 3, 2003 Report Share Posted November 3, 2003 i used to have a similar prob. i had to kill the firewalld (iptables) and load the script. i used "arno's firewall" awesome script. great firewall. i just had to kill the iptables after i booted up, connect to the net, then load arno's firewall. i'm sure theres a slightly better way to do this, but arno's firewall is probably the best iptables script out there. http://freshmeat.net/projects/iptables-fir...l/?topic_id=151 hope this 's Quote Link to comment Share on other sites More sharing options...
Guest kuchwas Posted November 3, 2003 Report Share Posted November 3, 2003 I accidentally erased all my pms. I am not really comfortable with command line yet, so I was kind of scared to do anything with it. Install WebMin! urpmi webmin. You have to run a setup script, but then you will have the easiest, and yet most powerful iptables tool you have seen. And you will not have to worry about CLI stuff. Tim Quote Link to comment Share on other sites More sharing options...
VeeDubb Posted November 3, 2003 Report Share Posted November 3, 2003 The worst that can happen with iptables is that you won't have a working firewall, which you don't have already... I'll resend the message. Give it a try. :) For what it's worth, I think this is REALLY good advice. There's only one way to learn to be commfortable with a terminal prompt, and like he said, you don't have much to lose. If you really can't do the terminal thing, kuchwas is also right, webmin is pretty great. Quote Link to comment Share on other sites More sharing options...
kilimanjaro Posted November 3, 2003 Author Report Share Posted November 3, 2003 Atually I did have more to lose, my computer wouldn't boot after setting the iptables, it would hang on...you guessed it iptables. I had to boot in the fai-safe and flush the iptables to get it to load, luckily all I had to do was up-arrow to get the right command or I would have had to reinstall my system. I am willing to try new things on my computer, but it is the only one I have so if it won't boot I am in trouble. I will try webmin, see if I have any better luck with it. Quote Link to comment Share on other sites More sharing options...
spinynorman Posted November 3, 2003 Report Share Posted November 3, 2003 Atually I did have more to lose, my computer wouldn't boot after setting the iptables, it would hang on...you guessed it iptables. Sorry, kilimanjaro, my advice was based on disabling shorewall and setting up iptables - which worked fine for me. :D I guess all the other firewalls you configured should be disabled too, but I can't be held responsible for the modifications you've made to the standard setup! Must put a disclaimer in my signature box... :P Quote Link to comment Share on other sites More sharing options...
Michel Posted November 3, 2003 Report Share Posted November 3, 2003 They're a bit outdated..bit on the following address..you'll find my shorewall-config-files I use(d). You only have to replace the <ISP>-part in the rules-file with you own....IUt are the IP's your ISP gave you I believe.... I've documented a little bit (in tthe rules-file) what is allowed..which purpose they have..I try to allow only things I want. I have tested these files only with a direct adsl-connection !!!! If you didn't know already... shorewall start to start the firewall shorewall restart to erstart the firewall (while it is running and you change things) shorewall stop to stop all traffic shroewall clear to allow all traffic Here's teh adress: http://lumumba.luc.ac.be/~michel/ Quote Link to comment Share on other sites More sharing options...
kilimanjaro Posted November 4, 2003 Author Report Share Posted November 4, 2003 spineynorman - I didn't mean to imply I was upset or anything. I think it is something wrong with my system, not your advice. I am using only shorewall now, I had to do a fresh install about a week ago. I have downloaded webmin and when I try to use it, it opens a mozilla browser and take me to a web site. Is this supposed to happen? Quote Link to comment Share on other sites More sharing options...
spinynorman Posted November 4, 2003 Report Share Posted November 4, 2003 I have downloaded webmin and when I try to use it, it opens a mozilla browser and take me to a web site. Is this supposed to happen? To quote their web site, "Webmin is a web-based interface for system administration for Unix", so yes, it will do that... Other posters have said that it's easy to use, but it looks complicated to me! I'm sure they'll be able to help if you proceed with it. :) BTW my previous post was supposed to be humorous... Quote Link to comment Share on other sites More sharing options...
Qchem Posted November 4, 2003 Report Share Posted November 4, 2003 Sorry if I've just not picked it up from earlier posts but how do you connect to the web? I've got shorewall to work by downloading the sample scripts from their website and changed the default ethernet connection to the address of my modem. Quote Link to comment Share on other sites More sharing options...
kilimanjaro Posted November 5, 2003 Author Report Share Posted November 5, 2003 (edited) I have an Aopen fm56-ru external modem and dial up. Could that be causing my problem? Edited November 5, 2003 by kilimanjaro Quote Link to comment Share on other sites More sharing options...
Gowator Posted November 5, 2003 Report Share Posted November 5, 2003 Sorry if I've just not picked it up from earlier posts but how do you connect to the web? I've got shorewall to work by downloading the sample scripts from their website and changed the default ethernet connection to the address of my modem. Just do like Qchem says.... READ the 'For Mandrake users doc's on shorewalls' site Download the relevant sample Overwrite thje MDK generated settings Fire up webmin and add/delete anythig you want (although its probably fine- doesn't hurt to look and see what you understand) Read the truly excellent shorewall documentaiton ... Send email to shorewall saying thanks for SUCH an excellent program. (the last is optional, apparently it will work without it) I have kept away from this thread because I know the mandrake settings are a nightmare!!! They only work for some configs and if they fail.... well the documentaiton from shorewall doesn't work for the MDK config. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.