Jump to content

Firewall stops all traffic

kilimanjaro

By kilimanjaro
in Security

 Share

Recommended Posts

kilimanjaro Awesome

kilimanjaro

Posted
Posted

I have been having a problem with all the firewalls I have tried (firestarter, guarddog, shorewall). When ever I try to use one it stops all traffic to the net. I can't even use http. I have tried configureing shorewall. I have set the protocols on guarddog. I just tried to set the rules shorewall, and I don't really know how. I tried Kate, but i don't know where or what goes in the rules. I have been using mandrake 9.1 since july and I have never had a firewall work right and I cannot use one right now. I have tried th gui for shorewall and it just cuts off nete traffic. I looked under FAQ, but I don't know how to use the editors. :wall:

Link to comment
Share on other sites
linux_learner MUB Addict

linux_learner

Posted
Posted

i used to have a similar prob. i had to kill the firewalld (iptables) and load the script. i used "arno's firewall" awesome script. great firewall. i just had to kill the iptables after i booted up, connect to the net, then load arno's firewall. i'm sure theres a slightly better way to do this, but arno's firewall is probably the best iptables script out there. http://freshmeat.net/projects/iptables-fir...l/?topic_id=151

 

hope this :help: 's

Link to comment
Share on other sites
Guest kuchwas

Guest kuchwas

Posted
Posted
I accidentally erased all my pms.  I am not really comfortable with command line yet, so I was kind of scared to do anything with it.

Install WebMin! urpmi webmin. You have to run a setup script, but then you will have the easiest, and yet most powerful iptables tool you have seen. And you will not have to worry about CLI stuff.

 

Tim

Link to comment
Share on other sites
VeeDubb MUB Addict

VeeDubb

Posted
Posted
The worst that can happen with iptables is that you won't have a working firewall, which you don't have already...

 

I'll resend the message.  Give it a try.  :)

For what it's worth, I think this is REALLY good advice. There's only one way to learn to be commfortable with a terminal prompt, and like he said, you don't have much to lose.

 

If you really can't do the terminal thing, kuchwas is also right, webmin is pretty great.

Link to comment
Share on other sites
kilimanjaro Awesome

kilimanjaro

Posted
  • Author
Posted

Atually I did have more to lose, my computer wouldn't boot after setting the iptables, it would hang on...you guessed it iptables. I had to boot in the fai-safe and flush the iptables to get it to load, luckily all I had to do was up-arrow to get the right command or I would have had to reinstall my system. I am willing to try new things on my computer, but it is the only one I have so if it won't boot I am in trouble. I will try webmin, see if I have any better luck with it. :wall:

Link to comment
Share on other sites
spinynorman Mandriva Guru

spinynorman

Posted
Posted
Atually I did have more to lose, my computer wouldn't boot after setting the iptables, it would hang on...you guessed it iptables.

Sorry, kilimanjaro, my advice was based on disabling shorewall and setting up iptables - which worked fine for me. :D

 

I guess all the other firewalls you configured should be disabled too, but I can't be held responsible for the modifications you've made to the standard setup! :rolleyes:

 

Must put a disclaimer in my signature box... :P

Link to comment
Share on other sites
Michel MUB Addict

Michel

Posted
Posted

They're a bit outdated..bit on the following address..you'll find my shorewall-config-files I use(d). You only have to replace the <ISP>-part in the rules-file with you own....IUt are the IP's your ISP gave you I believe.... I've documented a little bit (in tthe rules-file) what is allowed..which purpose they have..I try to allow only things I want. I have tested these files only with a direct adsl-connection !!!!

 

If you didn't know already...

 

shorewall start to start the firewall

shorewall restart to erstart the firewall (while it is running and you change things)

shorewall stop to stop all traffic

shroewall clear to allow all traffic

 

Here's teh adress:

 

http://lumumba.luc.ac.be/~michel/

Link to comment
Share on other sites
kilimanjaro Awesome

kilimanjaro

Posted
  • Author
Posted

spineynorman - I didn't mean to imply I was upset or anything. I think it is something wrong with my system, not your advice. I am using only shorewall now, I had to do a fresh install about a week ago. I have downloaded webmin and when I try to use it, it opens a mozilla browser and take me to a web site. Is this supposed to happen?

Link to comment
Share on other sites
spinynorman Mandriva Guru

spinynorman

Posted
Posted
I have downloaded webmin and when I try to use it, it opens a mozilla browser and take me to a web site.  Is this supposed to happen?

To quote their web site, "Webmin is a web-based interface for system administration for Unix", so yes, it will do that...

 

Other posters have said that it's easy to use, but it looks complicated to me! I'm sure they'll be able to help if you proceed with it. :)

 

BTW my previous post was supposed to be humorous... :juggle:

Link to comment
Share on other sites
Gowator Platinum

Gowator

Posted
Posted
Sorry if I've just not picked it up from earlier posts but how do you connect to the web?

 

I've got shorewall to work by downloading the sample scripts from their website and changed the default ethernet connection to the address of my modem.

Just do like Qchem says....

 

READ the 'For Mandrake users doc's on shorewalls' site

Download the relevant sample

Overwrite thje MDK generated settings

 

Fire up webmin and add/delete anythig you want (although its probably fine- doesn't hurt to look and see what you understand)

Read the truly excellent shorewall documentaiton ...

 

Send email to shorewall saying thanks for SUCH an excellent program.

(the last is optional, apparently it will work without it)

 

I have kept away from this thread because I know the mandrake settings are a nightmare!!! They only work for some configs and if they fail.... well the documentaiton from shorewall doesn't work for the MDK config.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...