Re: Firewall: Need Advice

2004-02-07 Thread SLeiBt
On Sat 07/02/2004 at 14:10, E&Erdem wrote:
> 07-02-2004 - 14:01 SLeiBt:
> Here is my /etc/init.d/iptables file. I couldn't understand it.
> 
> And when I try /etc/init.d/iptables save active it gives an error:
> There is no file or directory /var/lib/iptables/active
> 
> "Savinging iptables ruleset: save "active" with
> counters/etc/init.d/iptables: line 66: /var/lib/iptables/active"

On the surface, it looks like mine... But I discovered that on one of my
machines (one which doesn't act as a firewall), I could get that same
type of error (although it says line 65 for some reason). On that
machine, there is no "iptables" directory in /var/lib.

I'd say this should be created when installing whatever package iptables
is in, but well. mkdir /var/lib/iptables and you should be in business.

I'd say this directory would be OK being owned by root and with 700
permissions.

Regards,

Sebastien

PS: about this directory being missing... Does anybody think I should file a
smallish bug for that? Running unstable with numerous upgrades almost
every day...




Re: Firewall: Need Advice

2004-02-07 Thread Horst Pflugstaedt
On Sat, Feb 07, 2004 at 10:38:51AM +0200, E&Erdem wrote:
> Hi,
> I've been using iptables (or I am assuming that). But at boot time it gives
> an error: "Aborting iptables load: unknown rulesets "active" ". I

You should first try to find out what ruleset iptables tries to load
at boot time (go find /etc/init.d/firewall or /etc/init.d/iptables
or something like that...). When you have found out which ruleset wants to
be loaded at boot time, you should use your knowledge of iptables to
find the error :-)

> couldn't find the problem. I searched via Google, and found
> dpkg-reconfigure iptables. But it didn't help. I read a lot of iptables
> documents. But I think I lost some points, because I don't understand
> something.
> 
> Before this I want to ask: do I need a firewall? Yes, I know this is a

Yes, you do need a firewall. A firewall is a big help to keep others
outside your system. It's a help to detect attacks. It's a big help to
anyone concerned about security.

> very important tool for those who take care about security. And I can
> say I'm paranoid about security. But all of my ports are closed. There
> isn't any service listening. But sometimes I need httpd and ssh.

And you probably have installed exim (smtpd), a nameservice caching
daemon (dns)... The fact that on most of your ports no service is
listening does not mean they're closed... they are only not used. You
need a firewall to actively close them to the world.

> 
> This machine shares its internet connection with a small network. So I have
> to be careful about this.

Yes, right. Be careful and use iptables.


Use the force, Luke :-)

Horst.




Re: Firewall: Need Advice

2004-02-07 Thread
07-02-2004 - 14:01 SLeiBt:
> On Sat 07/02/2004 at 09:38, E&Erdem wrote:
> > I've been using iptables (or I am assuming that). But at boot time it gives
> > an error: "Aborting iptables load: unknown rulesets "active" ". I
> > couldn't find the problem.
>
> Have a look at the startup script "/etc/init.d/iptables". If you run it with
> the command "start" you'll see your error, and without anything you'll get a
> bit of help. Basically, it loads a set of rules known as "active" when
> the machine starts up, thus you have to configure your firewall as you
> like and then do a "/etc/init.d/iptables save active" to save the
> ruleset so that at next boot it'll know what to load.

Here is my /etc/init.d/iptables file. I couldn't understand it.

And when I try /etc/init.d/iptables save active it gives an error:
There is no file or directory /var/lib/iptables/active

"Savinging iptables ruleset: save "active" with
counters/etc/init.d/iptables: line 66: /var/lib/iptables/active"

> 
> Regards,
> 
> Sebastien
Thanks...

> 
> 
-- 
__
 E&Erdem
-- 
   
#!/bin/sh

set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# Site settings (enable_save_counters, enable_autosave, iptables_command).
default=/etc/default/iptables
if test -f $default; then
  . $default
fi

# Bail out (with status 0 so the boot sequence continues) if one of the
# required binaries is not installed.
have_a_cow_man () {
  for i in "$@"; do
    if ! command -v "$i" >/dev/null 2>&1; then
      echo "Aborting iptables initd: no $i executable."
      exit 0
    fi
  done
}

iptables="/sbin/${iptables_command-iptables}"
iptables_save="${iptables}-save"
iptables_restore="${iptables}-restore"

have_a_cow_man "$iptables_save" "$iptables_restore"

# Saved rulesets are plain iptables-save dumps stored under $libdir, one
# file per ruleset name ("active", "inactive", ...).
libdir=/var/lib/iptables
autosave="${libdir}/autosave"
initd="$0"

# Drop every rule and user-defined chain, leave built-in chains at ACCEPT.
initd_clear () {
  rm -f "$autosave"
  echo -n "Clearing iptables ruleset: default ACCEPT policy"
  $iptables_save | sed "/-/d;/^#/d;s/DROP/ACCEPT/" | $iptables_restore
  echo "."
}

# Drop every rule and user-defined chain, leave built-in chains at DROP.
initd_halt () {
  rm -f "$autosave"
  echo -n "Clearing iptables ruleset: default DROP policy"
  $iptables_save | sed "/-/d;/^#/d;s/ACCEPT/DROP/" | $iptables_restore
  echo "."
}

# Restore $libdir/<name>. "Aborting iptables load: unknown ruleset" means
# that file does not exist yet (nothing has been saved under that name).
initd_load () {
  ruleset="$libdir/$@"
  name="${ruleset#${libdir}/}"
  if ! test -f "$ruleset"; then
    echo "Aborting iptables load: unknown ruleset, \"$@\"."
    # show the usage text only for names other than the two built-in ones
    if ! test "$name" = active -o "$name" = inactive; then
      usage
    fi
    exit 0
  fi
  if test "$name" = inactive; then
    initd_autosave
  fi
  rm -f "$autosave"
  echo -n "Loading iptables ruleset: load \"$@\""
  $iptables_restore < "$ruleset"
  echo "."
}

# Dump the running rules into $ruleset, with or without packet counters.
initd_counters () {
  if test "${enable_save_counters:-false}" = true; then
    echo -n " with counters"
    $iptables_save -c > "$ruleset"
  else
    # reset the [packets:bytes] counters on the chain policy lines to [0:0]
    $iptables_save | sed '/^:/s@\[[0-9]\{1,\}:[0-9]\{1,\}\]@[0:0]@' \
      > "$ruleset"
  fi
}

initd_save () {
  rm -f "$autosave"
  ruleset="${libdir}/$@"
  echo -n "Savinging iptables ruleset: save \"$@\""
  initd_counters
  echo "."
}

# On "stop" with autosave enabled, snapshot the running rules as "active"
# before the "inactive" ruleset replaces them.
initd_autosave () {
  if test -f "$autosave" -a "${enable_autosave-false}" = true; then
    ruleset="${libdir}/active"
    echo -n "Autosaving iptables ruleset: save \"active\""
    initd_counters
    echo "."
  fi
}

usage () {
  # list the saved rulesets, hiding the autosave marker file
  current="$(ls -m "$libdir" 2>/dev/null \
    | sed 's/ \{0,1\}autosave,\{0,1\} \{0,1\}//')"
  cat << END
$initd options:
  start|restart|reload|force-reload
    load the "active" ruleset
  save <ruleset>
    save the current ruleset
  load <ruleset>
    load a ruleset
  stop
    load the "inactive" ruleset
  clear
    remove all rules and user-defined chains, set default policy to ACCEPT
  halt
    remove all rules and user-defined chains, set default policy to DROP

Saved rulesets:
  $current

Please read: $default

END
}

case "$1" in
  start|restart|reload|force-reload)
    initd_load active
    if test "${enable_autosave-false}" = true; then
      touch "$autosave"
    fi
    ;;
  stop)
    initd_load inactive
    ;;
  clear)
    initd_clear
    ;;
  halt)
    initd_halt
    ;;
  save)
    shift
    initd_save "$@"
    ;;
  load)
    shift
    initd_load "$@"
    ;;
  save_active) # legacy option
    initd_save active
    ;;
  save_inactive) # legacy option
    initd_save inactive
    ;;
  *)
    if test -n "$*"; then
      echo "Aborting iptables initd: unknown command(s): \"$@\"."
    fi
    usage
    ;;
esac

exit 0


Re: Firewall: Need Advice

2004-02-07 Thread Rolf Kutz
This question would be better off on
debian-firewall.

* Quoting E&Erdem ([EMAIL PROTECTED]):

> I've been using iptables (or I am assuming that). But at boot time it gives
> an error: "Aborting iptables load: unknown rulesets "active" ". I
> couldn't find the problem. I searched via Google, and found
> dpkg-reconfigure iptables. But it didn't help. I read a lot of iptables
> documents. But I think I lost some points, because I don't understand
> something.

Read and edit 

/etc/default/iptables

> Before this I want to ask: do I need a firewall? Yes, I know this is a
> very important tool for those who take care about security. And I can
> say I'm paranoid about security. But all of my ports are closed. There
> isn't any service listening. But sometimes I need httpd and ssh.

If your services (ports) are closed you don't need
a firewall. If you need a service (like ssh) you
would need to open that port anyway.

- Rolf




Re: Firewall: Need Advice

2004-02-07 Thread Peter Gossner
On 07 Feb 2004 10:38:51 +0200 E&Erdem <[EMAIL PROTECTED]> wrote:
>Hi,
>I've been using iptables (or I am assuming that). But at boot time it
>gives an error: "Aborting iptables load: unknown rulesets "active" ". I
>couldn't find the problem. I searched via Google, and found
>dpkg-reconfigure iptables. But it didn't help. I read a lot of iptables
>documents. But I think I lost some points, because I don't understand
>something.
>
>Before this I want to ask: do I need a firewall? Yes, I know this is a
>very important tool for those who take care about security. And I
>can say I'm paranoid about security. But all of my ports are closed.
>There isn't any service listening. But sometimes I need httpd and ssh.
>
>This machine shares its internet connection with a small network. So I have
>to be careful about this.
All the more reason for a firewall.
The firewall should be on the machine that actually connects to the net.
Try using something like firestarter to get started with.

Firestarter is a GNOME program that will help you in configuring and
monitoring a GNU/Linux firewall using either ipchains or iptables.
The latest version of Firestarter can always be found at



Essentially it writes scripts for you and starts itself up when needed.

Pete

>
>Thanks now...
>
>P.S: Sorry, my English is not enough (especially technical) for telling
>my problem in a clear way. I hope you can understand.
>
>-- 
>__
> E&Erdem
>-- 



Re: Firewall: Need Advice

2004-02-07 Thread SLeiBt
On Sat 07/02/2004 at 09:38, E&Erdem wrote:
> I've been using iptables (or I am assuming that). But at boot time it gives
> an error: "Aborting iptables load: unknown rulesets "active" ". I
> couldn't find the problem.

Have a look at the startup script "/etc/init.d/iptables". If you run it with
the command "start" you'll see your error, and without anything you'll get a
bit of help. Basically, it loads a set of rules known as "active" when
the machine starts up, thus you have to configure your firewall as you
like and then do a "/etc/init.d/iptables save active" to save the
ruleset so that at next boot it'll know what to load.

Regards,

Sebastien
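The two replies from Sebastien describe the save/load cycle of the Debian init script ("/etc/init.d/iptables save active" writes /var/lib/iptables/active, which "start" restores at the next boot) and the fix for the reported error (create /var/lib/iptables, root-owned, mode 700). The following shell script is an added example, not code from the thread or from the Debian package: it emulates that housekeeping against a scratch directory and a constructed iptables-save dump, so it runs without root and without iptables installed. The dump contents, the scratch directory and the helper names are assumptions made for illustration; the sed expression that resets the policy counters is the one the posted init script uses.

```shell
#!/bin/sh
# Added example (not from the thread or the Debian iptables package):
# emulates "/etc/init.d/iptables save active" and the load-time check
# against a scratch directory, so it runs without root or iptables.
# Assumptions: SAMPLE_DUMP stands in for `iptables-save -c` output and the
# scratch directory stands in for /var/lib/iptables.

set -e

# Constructed sample of `iptables-save -c` output: every policy line and
# rule line carries a [packets:bytes] counter.
SAMPLE_DUMP='# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [1234:567890]
:FORWARD DROP [12:960]
:OUTPUT ACCEPT [4321:2109876]
[88:7040] -A INPUT -i lo -j ACCEPT
[900:81000] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
[3:180] -A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT
# Completed (constructed sample)'

# The fix from the thread: create the ruleset directory, root-only (700),
# since a saved ruleset documents the whole policy. Prints the resulting
# mode so a caller can verify it.
prepare_libdir() {
  mkdir -p "$1"
  chmod 700 "$1"
  stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"
}

# The sed the init script applies when enable_save_counters is not "true":
# reset the counters on chain-policy lines (those starting with ':') to [0:0].
strip_policy_counters() {
  sed '/^:/s@\[[0-9]\{1,\}:[0-9]\{1,\}\]@[0:0]@'
}

# Rule lines keep their leading [packets:bytes] after that sed; drop it so
# the file matches plain `iptables-save` output.
strip_rule_counters() {
  sed 's/^\[[0-9]\{1,\}:[0-9]\{1,\}\] //'
}

# Emulates "save <name>": writes the counter-free dump to <libdir>/<name>.
# Fails exactly like the original report if the directory is missing.
save_ruleset() {
  printf '%s\n' "$SAMPLE_DUMP" | strip_policy_counters | strip_rule_counters > "$1/$2"
  chmod 600 "$1/$2"
}

# The test at the top of initd_load: a missing <libdir>/<name> is the
# "Aborting iptables load: unknown ruleset" condition from the report.
ruleset_loadable() {
  test -f "$1/$2"
}

# Number of lines still carrying a non-zero packet counter (0 when clean).
count_live_counters() {
  grep -c '\[[0-9]*[1-9][0-9]*:[0-9]\{1,\}\]' "$1" || true
}

demo() {
  libdir=$(mktemp -d)
  if ! ruleset_loadable "$libdir" active; then
    echo "no $libdir/active yet: start would abort with 'unknown ruleset'"
  fi
  echo "libdir mode: $(prepare_libdir "$libdir")"
  save_ruleset "$libdir" active
  echo "saved; live counters left: $(count_live_counters "$libdir/active")"
  cat "$libdir/active"
  rm -rf "$libdir"
}

case "${1:-}" in --demo) demo ;; esac
```

Run it with `--demo` to see the sequence: the load check fails while the directory is empty, the directory is created with mode 700, the save succeeds, and the stored file carries no traffic counters. A saved ruleset is worth keeping at mode 600 for the same reason the directory is 700: it is a complete description of the host's exposure.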







Re: Firewall: Need Advice

2004-02-07 Thread Simon Brandmair
On Sat, 07 Feb 2004 09:40:12 +0100, E&Erdem wrote:

> I've been using iptables (or I am assuming that). But at boot time it gives
> an error: "Aborting iptables load: unknown rulesets "active" ". I
> couldn't find the problem. I searched via Google, and found
> dpkg-reconfigure iptables. But it didn't help. I read a lot of iptables
> documents. But I think I lost some points, because I don't understand
> something.

You wanna look there first: http://www.netfilter.org/. They have some
really good documentation.

Simon



Re: Firewall: Need Advice

2004-02-07 Thread Dale Amon
On Sat, Feb 07, 2004 at 10:38:51AM +0200, E&Erdem wrote:
> I've been using iptables (or I am assuming that). But at boot time it gives
> an error: "Aborting iptables load: unknown rulesets "active" ". I
> couldn't find the problem. I searched via Google, and found
> dpkg-reconfigure iptables. But it didn't help. I read a lot of iptables
> documents. But I think I lost some points, because I don't understand
> something.

Since I do my own firewall from scratch and don't
touch the auto-installed stuff, I can only surmise.

There may be a script in /etc/init.d/ that is loading
a debian default firewall if you selected a package
with a default firewall.

I seem to remember running across a script that reads
on startup and writes on stop to a directory in /etc/defaults
or something like that.

I will also add that if you are going down the route
of creating your own from scratch, make sure you read
and re-read the HOWTOs on iptables and firewalling
and that you have a good knowledge of routing.

However if your requirements are very simple, it is
not hard to do a Masquerade firewall. And if you wish
to go one step past that and close all outgoing ports
and then allow a few specific ones, that also is not
very complex.

-- 
--
   Dale Amon [EMAIL PROTECTED]+44-7802-188325
   International linux systems consultancy
 Hardware & software system design, security
and networking, systems programming and Admin
  "Have Laptop, Will Travel"
--
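Horst's point that an unused port is not a closed one, and Dale's description of a masquerade firewall that closes everything and then allows a few specific ports, both fit the original poster's setup: one box holding the internet link, sharing it with a small LAN, with only ssh and httpd to be reachable. The following shell script is an added example, not from the thread or any package: it writes such a ruleset in the iptables-restore format that /var/lib/iptables/active holds, and audits a saved ruleset for the default-deny property. The interface names eth0/eth1, the LAN prefix 192.168.1.0/24, the port list and the weak sample dump are constructed placeholders; nothing here invokes iptables.

```shell
#!/bin/sh
# Added example (not from the thread): builds a default-deny masquerading
# ruleset in iptables-restore format for a gateway that shares its internet
# link with a small LAN, and audits a saved ruleset for "default deny".
# Assumptions: interface names, LAN prefix and the sample dumps are
# constructed placeholders; nothing here invokes iptables.

set -e

# Print the ruleset. Arguments: WAN interface, LAN interface, LAN prefix,
# then the TCP ports that may be reached from anywhere (e.g. 22 80).
gen_gateway_ruleset() {
  wan=$1; lan=$2; lannet=$3; shift 3
  cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s $lannet -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan -s $lannet -j ACCEPT
EOF
  # one explicit opening per published service; everything else hits DROP
  for port in "$@"; do
    echo "-A INPUT -i $wan -p tcp --dport $port -m state --state NEW -j ACCEPT"
  done
  cat <<EOF
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -o $wan -s $lannet -j ACCEPT
COMMIT
EOF
}

# Constructed "weak" dump: ACCEPT policies and a catch-all UDP rule, the
# kind of ruleset that only looks closed because nothing is listening.
WEAK_DUMP='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p udp -j ACCEPT
COMMIT'

# Audit a saved ruleset file for two weaknesses:
#  1. INPUT or FORWARD chain policy is ACCEPT
#  2. an INPUT rule that accepts without restricting interface, source,
#     port or connection state
# Findings go to stderr; the number of findings is printed on stdout.
audit_ruleset() {
  findings=0
  while IFS= read -r line; do
    case $line in
      ":INPUT ACCEPT"*|":FORWARD ACCEPT"*)
        echo "open policy: $line" >&2
        findings=$((findings + 1)) ;;
      "-A INPUT "*"-j ACCEPT")
        case $line in
          *" -i "*|*" -s "*|*"--dport "*|*"--state "*) ;;
          *) echo "unrestricted accept: $line" >&2
             findings=$((findings + 1)) ;;
        esac ;;
    esac
  done < "$1"
  echo "$findings"
}

demo() {
  d=$(mktemp -d)
  gen_gateway_ruleset eth0 eth1 192.168.1.0/24 22 80 > "$d/active"
  echo "generated ruleset findings: $(audit_ruleset "$d/active")"
  printf '%s\n' "$WEAK_DUMP" > "$d/weak"
  echo "weak sample findings: $(audit_ruleset "$d/weak")"
  rm -rf "$d"
}

case "${1:-}" in --demo) demo ;; esac
```

Run with `--demo` to compare the two: the generated ruleset produces no findings, the weak sample produces three (two open policies and the catch-all UDP rule). The audit is deliberately narrow, so a clean result means "default deny with explicit openings", not "correct"; the point is that what gets stored under /var/lib/iptables is a plain text file that can be reviewed before it is loaded at boot.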




Firewall: Need Advice

2004-02-07 Thread
Hi,
I've been using iptables (or I am assuming that). But at boot time it gives
an error: "Aborting iptables load: unknown rulesets "active" ". I
couldn't find the problem. I searched via Google, and found
dpkg-reconfigure iptables. But it didn't help. I read a lot of iptables
documents. But I think I lost some points, because I don't understand
something.

Before this I want to ask: do I need a firewall? Yes, I know this is a
very important tool for those who take care about security. And I can
say I'm paranoid about security. But all of my ports are closed. There
isn't any service listening. But sometimes I need httpd and ssh.

This machine shares its internet connection with a small network. So I have
to be careful about this.

Thanks now...

P.S: Sorry, my English is not enough (especially technical) for telling
my problem in a clear way. I hope you can understand.

-- 
__
 E&Erdem
-- 
   


