go an get gShield.. untar it into /etc/firewall
edit the one config file.. written in english with the possible answers listed in comments above each question... and start it... then relax... In fact unless you are running server services,, you really don't need to change much in the config.. and you will not have firewall issues again.. I use nothing else anymore.. (used to write iptables scripts by hand before..) give it a shot.. very handy and well written tool.. mandrake could learn alot from it in the firewalling stakes.. rgds Franki -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Richard Urwin Sent: Sunday, 30 March 2003 4:13 PM To: [EMAIL PROTECTED]; Richard Jones Subject: Re: [newbie] shorewall pain and agony On Sunday 30 Mar 2003 2:38 am, Richard Jones wrote: > I've got a machine that I use as a firewall and server. It has two ethernet > cards: > > eth0 - cable modem to the internet > eth1 - local LAN > > I set up the connections fine to access the internet and share the > connection. The connection sharing seems to always want to set up ppp+, > even though I don't have a ppp+ connection defined. Easy enough to change > in the config dialog though. So that seems fine. Looking in the shorewall > config, all seems well. > > I then set up the firewall to only allow ssh through - I don't trust these > cable networks an inch :) > > The only problem is - as soon as I use the firewall config gui, the > shorewall config grows a ppp+ connection that it thinks is my connection to > the internet. Needless to say, things simply don't work after that. > > I've managed to get the setup working (through manual editing of the > shorewall configs) to the point of the local LAN machines being able to > access the samba shares on the server. They can't share the connection > though. > > Any ideas what might cause the ppp+ wierdness? > > > Richard Accumulated wisdom* on this list is don't use Shorewall, or only use it to kick-start the IP Tables config and hand-tweek them from there. If you have any connectivity at all then you're doing better than most. The Network Administrator's Guide (see The Linux Documentation Project website) has details of IP Tables. *although some opinions do differ. -- Richard Urwin
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com