chin808 Posted November 21, 2003 Report Share Posted November 21, 2003 Is there a way to manually stealth ports using the config I have (Mandrake firewall/shorewall)? Also I installed guarddog earlier and didnt see any difference in tests prior to the install using pcflank. I was in the mcc and noticed that iptables werent running... does this conflict with shorewall or should I go in and turn that service on? Im a n00b so if you got a thoight for me please try and explain in a way I might understand... heh Thanx :lol: Quote Link to comment Share on other sites More sharing options...
Guest tezca Posted November 25, 2003 Report Share Posted November 25, 2003 (edited) Iptables is the actual firewalll software for Linux, older versions use ipchains, Shorewall and Guarddog and all the others are tools to configure iptables or ipchains. As far as manually Steathing your ports oh yeah, but you must learn iptables you can take all your firewall rules and save them in a file. like so root@locahost#> iptables-save > /etc/sysconfig/iptables then you can turn off shorewall or whatever and then reload your firewall with /sbin/service iptables restart then when you boot your firewall will by default be loaded from /etc/sysconfig/iptables then if you want to look at the syntax open up the file and you can add new entries then reload iptables to make sure you have the correct syntax. Edited November 25, 2003 by tezca Quote Link to comment Share on other sites More sharing options...
linux_learner Posted November 25, 2003 Report Share Posted November 25, 2003 in my recent and on going study of networking, i have come to find that not only can linux do NAT (network address translation, also call "ip masqueracding"), but linux can do PAT (port address translation). this information is in the ip masquerading howto. Quote Link to comment Share on other sites More sharing options...
kilimanjaro Posted December 8, 2003 Report Share Posted December 8, 2003 What is ip masquerading? Quote Link to comment Share on other sites More sharing options...
linux_learner Posted December 8, 2003 Report Share Posted December 8, 2003 ip masquerading, ip alias. a fake ip address. Quote Link to comment Share on other sites More sharing options...
kilimanjaro Posted December 8, 2003 Report Share Posted December 8, 2003 (edited) How well does it work? Edited December 8, 2003 by kilimanjaro Quote Link to comment Share on other sites More sharing options...
Guest slr Posted December 8, 2003 Report Share Posted December 8, 2003 (edited) Is there a way to manually stealth ports using the config I have (Mandrake firewall/shorewall)?Also I installed guarddog earlier and didnt see any difference in tests prior to the install using pcflank. I was in the mcc and noticed that iptables werent running... does this conflict with shorewall or should I go in and turn that service on? Im a n00b so if you got a thoight for me please try and explain in a way I might understand... heh Thanx :lol: Ok i'm not a command prompt guru so i'll tell you how i solved the prob with iptables not starting... First of all make sure you have webmin installed... Uninstall guarddog and restore the original iptables configuration... Then open your browser and point it to: https://localhost:1000 Enter root and your password below... Now go to networking -> Linux firewall... It should give you a warning that this system uses shorewall for the conf and you'd better use the appropriate module...Ignore it and read on... You should see a warning (I'll tell it to you the way i remember it coz i fixed it..) about some rules ready to be applied or something like that...There should be a button that does the job...Use it.... Now go to the bottom of the page make sure activate at boot is enabled and use apply configuraion just to be sure... Go to Mandrake control center -> System -> Services and start iptables... You Should be set.... Now for any changes in the rules, like opening ports and stuff you should use the shorewall module which is easier to use and makes the appropriate changes to iptables...Or the simple firewall utility that comes with mandrake and it's a lot easier to use if you don't know the specific ports that the services that you're running use... Let me know if anything goes wrong... :D Good luck... P.S. Since both shorewall and guardog make changes to iptables i'd suggest using only one of the two to set up your firewall to avoid conflicts.I find shorewall very easy and straightforward and if you use webmin to configure it, it should be a piece of cake (Althought the default configuration is already good since it closes all ports from the outside and you should open manually only the ones that you run services on...) Edited December 8, 2003 by slr Quote Link to comment Share on other sites More sharing options...
DOlson Posted December 8, 2003 Report Share Posted December 8, 2003 In my experience, the best firewall tool out there is ipkungfu. It's great. No GUI, so it's good for servers, and it's very simple to configure in the text files, so you don't need to know a lot of syntax... I love it. It's easy to forward ports, setup vhosts, etc. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.