Hi, I have Shorewall version 1.3.14 running on Linux Mandrake 9.1. I used the Mandrake Control centre to configure my internet connection and Firewall. My modem was, and is still not recognised by the configuration wizard, which only sees my Ethernet card as my sole access to the web.(I don''t have a network and don''t use this card). I configured my winmodem (a Conexant HCF pci modem) with some help from a guy in Russia, many thanks, using hcfpciconfig in the root terminal after having installed the appropriate driver. I accessed the Mandrake Control centre to switch the Firewall on. However it won''t let me access the web thru my dial up connection winmodem using KMail or the web browser as it is configured to one zone only, net.(Which I presume means network?). If I switch off the firewall I can access the web without problem. The following is a printout from the terminal: [root@localhost simon]# shorewall check Processing /etc/shorewall/params ... Verifying Configuration... Loading Modules... Determining Zones... Zones: net Validating interfaces file... Validating hosts file... Determining Hosts in Zones... Net Zone: eth0:0.0.0.0/0 Validating rules file... Validating policy file... Policy for fw to net is ACCEPT Policy for net to net is DROP Policy for net to fw is DROP Policy for fw to fw is REJECT Configuration Validated I am a newbie. I need somebody to spell out for me what commands to type into the terminal to reconfigure the firewall. I have never done anything like this before, I don''t know how to edit files and then save them back in the same place again. Is there any hope for me??? Regards, Simon. Source: Mandrake Linux 9.1 : Mail
On Wed, 7 May 2003 14:44:02 +0100, Simon <sauheu@tiscali.co.uk> wrote:> Hi, I have Shorewall version 1.3.14 running on Linux Mandrake 9.1. > I used the Mandrake Control centre to configure my internet connection > and Firewall. My modem was, and is still not recognised by the > configuration wizard, which only sees my Ethernet card as my sole access > to the web.(I don''t have a network and don''t use this card). > I configured my winmodem (a Conexant HCF pci modem) with some help from a > guy in Russia, many thanks, using hcfpciconfig in the root terminal after > having installed the appropriate driver. > I accessed the Mandrake Control centre to switch the Firewall on. > However it won''t let me access the web thru my dial up connection > winmodem using KMail or the web browser as it is configured to one zone > only, net.(Which I presume means network?). If I switch off the firewall > I can access the web without problem. > The following is a printout from the terminal: > > [root@localhost simon]# shorewall check > Processing /etc/shorewall/params ... > Verifying Configuration... > Loading Modules... > Determining Zones... > Zones: net > Validating interfaces file... > Validating hosts file... > Determining Hosts in Zones... > Net Zone: eth0:0.0.0.0/0 > Validating rules file... > Validating policy file... > Policy for fw to net is ACCEPT > Policy for net to net is DROP > Policy for net to fw is DROP > Policy for fw to fw is REJECT > Configuration Validated >With the firewall stopped, edit /etc/shorewall/interfaces and change ''eth0'' to ''ppp0''. Then start the firewall. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Hi, I have now managed to configure Shorewall version 1.13.4 on Linux Mandrake 9.1., the following is a copy of Shorewall check on my system. [root@localhost simon]# shorewall check Processing /etc/shorewall/params ... Verifying Configuration... Loading Modules... Determining Zones... Zones: net Validating interfaces file... Validating hosts file... Determining Hosts in Zones... Net Zone: ppp0:0.0.0.0/0 Validating rules file... Validating policy file... Policy for fw to net is ACCEPT Policy for net to net is DROP Policy for net to fw is DROP Policy for fw to fw is DROP Configuration Validated [root@localhost simon]# When I ran a scan on my system at the Sygate site it showed every port hidden except three, Web port 80, Ident port 113 and Location Service 135. How can configure the system to hide these ports as well? Regards, Simon
On Thu, 8 May 2003 19:35:48 +0100, Simon Utley <sauheu@tiscali.co.uk> wrote:> [root@localhost simon]# > When I ran a scan on my system at the Sygate site it showed every port > hidden except three, Web port 80, Ident port 113 and Location Service > 135. > How can configure the system to hide these ports as well?READ THE FAQ! -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net