Find the answer to your Linux question:
Results 1 to 7 of 7
I am new and I am running Mandrake 10.0. I am wondering what i need to do to setup the firewall (if anything). When I go into the Mandrake Control ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2005
    Posts
    4

    Mandrake Firewall Setup


    I am new and I am running Mandrake 10.0. I am wondering what i need to do to setup the firewall (if anything). When I go into the Mandrake Control Center, select security and then select Firewall there are a list of options "to allow the internet to connect to":

    Everything (no firewall)
    Web Server
    Domain Name Server
    Ftp Server
    SSh server
    Main Server
    Pop and IMAP Server
    ping

    which ones should i have selected? Currently I have "Everything (no firewall)" selected. Also under Security there "Levels and Checks" and "Permissions" options that can be modified. Do I need to do anything with these? I am just using the computer for my own personal use and the typical web surfing, email etc.

    Thanks.

  2. #2
    Linux Guru lakerdonald's Avatar
    Join Date
    Jun 2004
    Location
    St. Petersburg, FL
    Posts
    5,035
    just select ping, since you're just a home pc. or you can make your pc not respond to ping probes by allowing nothing.

  3. #3
    Just Joined!
    Join Date
    Mar 2005
    Posts
    4
    Quote Originally Posted by lakerdonald
    just select ping, since you're just a home pc. or you can make your pc not respond to ping probes by allowing nothing.
    I just tried that, but then I am unable to connect to any web pages through my browser and my I cannot connect to the email server. In fact, the only time I am able to connect is when I have "Everything (no firewall) selected".

  4. #4
    Linux Guru lakerdonald's Avatar
    Join Date
    Jun 2004
    Location
    St. Petersburg, FL
    Posts
    5,035
    oh so those are the things that your computer are allowed to connect to? that seems kind of backwards...

  5. #5
    Just Joined!
    Join Date
    Mar 2005
    Posts
    4
    Quote Originally Posted by lakerdonald
    oh so those are the things that your computer are allowed to connect to?
    I think so...the GUI asks..."Which services would you like to allow the internet to connect to?" and then gives the list with check boxes next to each one.

  6. #6
    Just Joined!
    Join Date
    Dec 2004
    Posts
    7
    Set your built-in firewall to pass everything, like it defaults to. Install Webmin and Shorewall. Here is how your shorewall policy file should look at the end:

    loc net ACCEPT
    fw loc ACCEPT
    fw net ACCEPT
    net all DROP info
    all all REJECT info
    loc $FW ACCEPT -

    You have to add the last line yourself, or you won't even be able to browse on the machine with the internet connection. You will also need to install squid, and bind.

    net = internet
    fw = firewall
    loc = your local network

    See the shorewall and squid homepages for detailed info, but remember that Mandrakes version of shorewall is slightly different from the rest of the world.

    You have to set up ip-masquerade before this will work. As root, at the command line, type:

    echo 1 > /proc/sys/net/ipv4/ip_forward

    and then type:

    iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

    If you're not using dial-up, then you need to change ppp0 to the appropriate interface.

    http://www.shorewall.net
    http://www.squid-cache.org

    HTH

    Michael

  7. #7
    Just Joined!
    Join Date
    Mar 2005
    Posts
    4
    Thanks Michael. I had been reading the shorewall documentation recently. The only part I hadn't figured out was the masquerading. Thanks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •