iptables - kmyfirewall - unable to set up firewall

[flebber]

Have been trying to set up iptables on my kubuntu 7.10 box . I want to do a basic workstation set up that will allow web and mail access along with printer(usb) access and torrent.

I have tried a few iptables guides now with no success, so thought I would try kmyfirewall. However there appears to be a few problems .

1. I cannot define a torrent rule or rule for my printer in the gui.
2. Unable to Install firewall I receive this error

Code:

Error: kdesu: Unknown option '-t'.
Error: kdesu: Use --help to get a list of available command line options.

Execution failed
Exit(Code): 254

I have tried starting kmyfirewall with sudo sudo -i kdesu but nothing seems to let it install .

This is what I have been using to try and get a firewall up
HOWTO Iptables for newbies - Gentoo Linux Wiki
Gentoo Linux Documentation -- Home Router Guide
Opening and closing ports in Linux… « Ramblings of an Eccentric Soul…
ArchWiki :: Simple stateful firewall HOWTO - ArchWiki

If you can help with kmyfirewall or have some good links for setting up iptables I would appreciate it. I just can't seem to get a reliable firewall up and configured properly.

[Lazydog]

You should be looking at this tutorial to explain thing to you.

Iptables Tutrial 1.2.1

If a simple firewall is what you want then try this;

Code:

/sbin/iptables -P INPUT DROP
/sbin/iptables -F INPUT
/sbin/iptables -P OUTPUT DROP
/sbin/iptables -F OUTPUT
/sbin/iptables -P FORWARD DROP
/sbin/iptables -F FORWARD
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -j DROP
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
/sbin/iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -m state --state NEW -j ACCEPT
/sbin/iptables -A OUTPUT -j DROP

This allow all connections out and nothing in except what you have requested.

Then run the following;

Code:

/sbin/iptables-save

to save the firewall config.

Then everytime you boot it should be started automaticly.
Provided you have your sytem setup to start the firewall at boot.

I'm not big on the GUI setup of a firewall and configure and manage my firewalls by hand.

[flebber]

Thanks for the reply it is very helpful. What is the best way to test that the firewall is working properly ?

[Lazydog]

You could use one of the following web site to test:

Shield's UP!

HackerWacker Firewall Test

Both will test your firewall. Now if your ISP is blocking ports already then these will not help much.
You will have to find a source inside your ISP to test your firewall. A friend maybe using the same ISP.