- 05-19-2003 #1 Just Joined!
- Join Date
- May 2003
- Posts
- 40
Firewall set-up help!
Hello all,
I'm trying to get my SuSE firewall configured....to do so I began using this HOW-To from SuSE:
http://sdb.suse.de/sdb/en/html/pohle...hfirewall.html
But I have run into some discrepancies with the article....
#1) The first thing I'm asked to do is to add this line to the /etc/sysconfig/personal-firewall:
REJECT_ALL_INCOMING_CONNECTIONS="pppX"
Here pppX (the right one for DSL) should be the device number, but I have no device number for ppp....(I'm assuming you check that with an ifconfig -a).....????
The only devices I get are: eth0, lo, and sit0.
Hmmmmm....and now what????
#2) Second, I have an adsl ethernet modem (up and running) and the article says that for that set-up, I should have an entry like this:
"...In case you use DSL, the name of the file for the first DSL device is ifcfg-dsl0...."
What I have in that directory is:
localhost:/etc/sysconfig/network # ls -la
total 38
drwxr-xr-x 6 root root 320 Apr 9 02:02 .
drwxr-xr-x 5 root root 1224 May 15 10:49 ..
-rw-r--r-- 1 root root 4464 Sep 10 2002 config
-rw-r--r-- 1 root root 5152 May 15 10:48 dhcp
drwxr-xr-x 2 root root 48 Sep 10 2002 if-down.d
drwxr-xr-x 2 root root 48 Sep 10 2002 if-up.d
-rw-r--r-- 1 root root 93 Mar 13 17:03 ifcfg-eth0
-rw-r--r-- 1 root root 96 Sep 10 2002 ifcfg-lo
-rw-r--r-- 1 root root 3970 Sep 10 2002 ifcfg.template
drwx------ 2 root root 48 Sep 10 2002 providers
drwxr-xr-x 2 root root 856 May 15 10:48 scripts
-rw-r--r-- 1 root root 4819 May 15 10:48 wireless
Thus the only entry I have (as far as I get it) is:
ifcfg-eth0
Should I then configure this one?
Any thoughts?
- 05-19-2003 #2 Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
I would suggest reading up on Linux networking and firewalling instead. There are excellent HOWTOs on tldp.org and netfilter.org. You must also learn which interfaces have what names. If you have an ethernet NIC in your computer, then that is probably what eth0 is referring to.
- 05-19-2003 #3 Just Joined!
- Join Date
- May 2003
- Posts
- 40
Well, like I mentioned above....I am indeed using a How-To from SuSE, and my question was, in part, asking about the devices in my box (which I listed) but didn't match what the How-To stated.
They refer to a DSL config file, but I only have an eth0 (which of course is the device for the only NIC I have in the box)...thus....any thoughts on that part of the question?
- 05-19-2003 #4 Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
The thing is that that HOWTO from SuSE seems to be referring to a lot of SuSE-specific stuff. If you read the networking and iptables HOWTOs instead, you'll learn how it actually works underneath.
If you really want to use those SuSE things, then I can't help you, because I don't use SuSE.
- 05-19-2003 #5 Just Joined!
- Join Date
- May 2003
- Posts
- 40
Fair enough....I'll take a look at your links and see what I can cook from it...
Wish me luck!
- 05-19-2003 #6 Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
Break a leg... or should I say lose all your data?
- 05-19-2003 #7 Just Joined!
- Join Date
- May 2003
- Posts
- 40
Or.....you could have said:
Dear vous,
on this memorable occasion in which you will begin the journey that will lead you to total firewall configuration, I invoke the powers of the mighty penguin to be bestowed upon you, the strength of the sea to lift you up when you fall, and the assurance from Apollo that just as the sun comes out triumphantly every morning in the horizons for all of us to see, so will you.
Courage brave one!
- 05-19-2003 #8 Just Joined!
- Join Date
- May 2003
- Posts
- 40
So, I went to your link but came across this problem....
http://tldp.org/HOWTO/Firewall-HOWTO-5.html
The next page is not there?!?!!! Just when he is about to begin the explanation....BOOM...error 312...weird one!
Anyways, probably the server is down or something....which would suggest that page 5 and page 6 are in different locations perhaps?
Let's see how far the other link takes me....
- 05-19-2003 #9 Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
Indeed, 312 isn't even in RFC 2616. It must be some home-brew condition. Anyway, I tried it just now, and it worked perfectly, so it was probably just temporary.
Boldly continue down the great road, brave one... =)
- 05-20-2003 #10 Just Joined!
- Join Date
- May 2003
- Posts
- 40
OK, it's finally up!!!
I have gone to some sites that scan ports and I came out quite all right I must say....=-)
All ports were blocked, with the exception of the ports that I selected to be blocked, which appear closed.
But as far as I understand, closed is not good enough in some cases.....
How do I go about protecting a port like port 80, that in my set-up I set to closed?


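Added example, not part of the thread or of any poster's reply: the difference between a "closed" and a "blocked" port in a scan result comes down to whether the host answers a connection attempt with a TCP reset or with nothing at all, and this sketch classifies a port on that basis. The function names and the state labels are this example's own, and the loopback check uses a constructed listener.

```python
import socket


def port_state(host, port, timeout=1.0):
    """Return how one TCP port answers a connection attempt."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"         # SYN/ACK came back: a service accepted the connection
    except ConnectionRefusedError:
        return "closed"       # RST came back: host is reachable, nothing accepts here
    except socket.timeout:
        return "blocked"      # no answer at all: the packet was silently dropped
    except OSError:
        return "unreachable"  # e.g. no route to host or network unreachable
    finally:
        s.close()


def report(host, ports, timeout=1.0):
    """Map each port to its state, for comparison with an online scan result."""
    return {p: port_state(host, p, timeout) for p in ports}


def loopback_demo():
    """Constructed check on 127.0.0.1: a port with a listener, then the same port without."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: the kernel picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    with_listener = port_state("127.0.0.1", port)
    listener.close()
    without_listener = port_state("127.0.0.1", port)
    return with_listener, without_listener


if __name__ == "__main__":
    print(loopback_demo())
    print(report("127.0.0.1", [22, 80]))
```

Loopback traffic normally does not pass the rules on the external interface, so to see what the firewall shows to the outside, run `report()` from a second machine against your own address.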
