  1. #1
    Just Joined!
    Join Date
    Nov 2006
    Posts
    19

    rc.firewall vs. iptables question


    Hi,

    I'm currently running Slackware 12.1 with all upgrades applied.

    I hope this question isn't too stoopid, but I'm not sure I fully understand some aspects of securing my system. And yes, not only did I 'Read The Fine Manual', but I bought a hard copy of Slackware Linux Essentials, 2nd Ed.

    According to the SW Essentials book, after installing, I should place the following rules in /etc/rc.d/rc.firewall:

    iptables -P INPUT DROP
    iptables -P FORWARD DROP
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -s 127.0.0.0/8 -d 127.0.0.0/8 -i lo -j ACCEPT

    I did so. Then I

    chmod +x /etc/rc.d/rc.firewall

    Then, after I boot up but before startx, I do

    /etc/rc.d/rc.firewall start.

    I read another post in this forum that suggested that the user run iptables -L to see what rules he has. I ran iptables -L and this is my output:

    root@slackware:~# iptables -L
    Chain INPUT (policy DROP)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT all -- loopback/8 loopback/8
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT all -- loopback/8 loopback/8
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT all -- loopback/8 loopback/8

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere
    root@slackware:~#

    It appears that my iptables are set to accept everything.

    My copy of the "Slackware Linux Essential, 2nd Ed." was published in 2005. I realize that software evolves over time. I haven't found anything on the net to indicate that what I did is no longer the preferred (or effective) way. I just wanted to verify that I did things correctly.

    This SW install is used strictly as a desktop, not a server.

    Thanks,
    -Joe G.
    Last edited by joegumbo; 08-17-2008 at 02:08 AM. Reason: Clarity & brevity
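
Added example, not part of any post in this thread: a shell function that reads `iptables -L` text and reports each chain's policy, ACCEPT rules with no visible match, and rules repeated within a chain, run here over the listing from post #1. Plain `iptables -L` omits the interface columns, so a flagged rule may be limited to one interface (`iptables -L -v` shows it); the function names `sample_listing` and `audit_listing` are hypothetical.

```shell
#!/bin/sh
# Listing copied from post #1 (output of plain `iptables -L`).
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- loopback/8 loopback/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- loopback/8 loopback/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- loopback/8 loopback/8

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
EOF
}

# audit_listing: read `iptables -L` text on stdin, print one finding per line.
audit_listing() {
  awk '
    $1 == "Chain" {
      chain = $2; n = 0
      policy = ($3 == "(policy") ? $4 : "none"; sub(/\)$/, "", policy)
      print chain ": policy " policy
      next
    }
    NF == 0 || $1 == "target" { next }   # blank lines and column headers
    {
      n++
      $1 = $1                            # collapse column padding
      # Only target/proto/any/any is visible. Plain -L omits -i/-o,
      # so confirm the interface with: iptables -L -v
      if (NF == 5 && $1 == "ACCEPT" && $2 == "all" &&
          ($4 == "anywhere" || $4 == "0.0.0.0/0") && $5 == $4)
        print chain ": rule " n " ACCEPT with no visible match"
      if (seen[chain, $0]++)
        print chain ": rule " n " duplicates an earlier rule"
    }'
}

sample_listing | audit_listing
```

On a live system the same function can be fed with `iptables -L | audit_listing` as root.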

  2. #2
    Just Joined!
    Join Date
    Aug 2008
    Posts
    4
    When I installed slack 12.0 I installed guarddog from:

    SlackBuilds.org

    Note: read the howto before downloading.
    This gives a graphical interface if you don't want to learn about firewalls.
    If you do, here is a link to the Slackware forums:

    Slackware - LinuxQuestions.org

    and here is a link to the group that writes netfilters and a howto from them:

    http://www.netfilter.org/
    http://www.netfilter.org/documentati...umentation-faq

  3. #3
    Just Joined!
    Join Date
    Nov 2006
    Posts
    19
    Hi jfxg!

    I didn't know that there was a SlackBuild for guarddog. Thanks!

    I'll try cross-posting to the other list.

    Thank you!
    -Joe
