Re: [newbie] tiny firewall
I should have reread your info below when I was ready to start the install. I did do the file limits and ended up with the su problem but I found the limits file and remarked out the appropriate line. I had another problem in that after the install of bastille, I started the firewall from the command line and the firewall worked better than the tiny firewall but I still have UDP ports closed (not blocked) and some UDP ports are wide open. Another problem occured after rebooting that caused me to not be able to surf the web. It seems that my DNS entries for my ISP's servers were preventing me from going anywhere. Strange problem since the internet connection was working with that config prior to rebooting. Don't know if I want to reboot and auto start bastille again and end up with more problems (too many other projects to do). At 06:44 PM 10/21/2001 -0500, Dennis Myers wrote: Matt is correct tiny firewall is just a quick and dirty to set the iptables and if you run Bastille you can set masquerading and choose ports to leave open or not. It is verbose in telling you what it is doing and very easy to set up, just do not accept the file limits thingy, that will kill your su from a console ability. There is a bug in it that missinterprets the value of the file size and tends to tick people off. HTH -- Dennis M. registered Linux user #180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] tiny firewall
Thanks Dennis. Since I have tiny firewall running, do I have to stop it or remove it or both so that I don't risk crashing my system or will InteractiveBastille automatically replace it? At 10:13 PM 10/20/2001 -0500, Dennis Myers wrote: On Saturday 20 October 2001 01:34 pm, you wrote: hmm, according to sygatetech.com, tiny firewall that comes with Mandrake 8.1 sucks. There's a port open that I specifically told it to block. What other options do I have? (I'm too lazy to learn iptables right now). Lee, you might try setting up the full Bastille firewall. Go to a su console and cd to the /sbin and then at the prompt typeInteractiveBastille just like I have it and without the quotes. This will start the graphical setup of the full blown firewall. Then if you want to check what you have set as blocked, take a look at /etc/Bastille/bastille-firewall.conf and edit that if you see something left open that you don't want open. HTH -- Dennis M. registered Linux user #180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] tiny firewall
On Sunday 21 October 2001 12:38 pm, you wrote: Thanks Dennis. Since I have tiny firewall running, do I have to stop it or remove it or both so that I don't risk crashing my system or will InteractiveBastille automatically replace it? As I understand it, Tiny Firewall and Bastille are just interfaces to the kernel's iptables. So setting Bastille will just replace what Tiny Firewall did to iptables. Either way, I set up Bastille while Tiny Firewall was running without any problems. Bastille's widgets (lesstif?) make it hard to figure out which radio button is selected, so I'd pay attention to that. I made an error because of that the first time around. Matt Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] tiny firewall
On Sunday 21 October 2001 10:38 pm, you wrote: I ran InteractiveBastille and got an error message that Bastille_Tk.pm could not be found. A search of the entire drive turned up nothing for this file. What does this file do and how do I create it? That file drives the gui for setting up Bastille. For some reason it is not installed by default. If you load up rpmdrake you should be able to find its rpm as an installable from one of the cds. -- Matt I'd be a pacifist too if I fought like you. -- Home Movies Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] tiny firewall
I ran InteractiveBastille and got an error message that Bastille_Tk.pm could not be found. A search of the entire drive turned up nothing for this file. What does this file do and how do I create it? At 10:13 PM 10/20/2001 -0500, Dennis Myers wrote: On Saturday 20 October 2001 01:34 pm, you wrote: hmm, according to sygatetech.com, tiny firewall that comes with Mandrake 8.1 sucks. There's a port open that I specifically told it to block. What other options do I have? (I'm too lazy to learn iptables right now). Lee, you might try setting up the full Bastille firewall. Go to a su console and cd to the /sbin and then at the prompt typeInteractiveBastille just like I have it and without the quotes. This will start the graphical setup of the full blown firewall. Then if you want to check what you have set as blocked, take a look at /etc/Bastille/bastille-firewall.conf and edit that if you see something left open that you don't want open. HTH -- Dennis M. registered Linux user #180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] tiny firewall
On Saturday 20 October 2001 01:34 pm, you wrote: hmm, according to sygatetech.com, tiny firewall that comes with Mandrake 8.1 sucks. There's a port open that I specifically told it to block. What other options do I have? (I'm too lazy to learn iptables right now). Lee, you might try setting up the full Bastille firewall. Go to a su console and cd to the /sbin and then at the prompt typeInteractiveBastille just like I have it and without the quotes. This will start the graphical setup of the full blown firewall. Then if you want to check what you have set as blocked, take a look at /etc/Bastille/bastille-firewall.conf and edit that if you see something left open that you don't want open. HTH -- Dennis M. registered Linux user #180842 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] tiny firewall
I *believe* that tiny firewall is native to mandrake. (i could be very wrong here) But, if you want a very in depth Firewall setup I would recommend interactive Bastille. It will take about a half hour to set up. Every question-setting is accompanied with a detailed explaination and allows for granular control over your firewall setup. I found it was fairly intuitive to set mine up, but I could defnately see where some might not know what to do with some of the settings. Again, there is very good documentation accompanying each setting. On Thursday 30 August 2001 09:51, you wrote: howdi is there a better config program for tiny firewall than the one in mandrake setup thing (the purple computer icon) - i'm away from my machine now and can't remember it's name - I need to allow ports for network gaming (eg Quake 3 and UT) to be opened, but I want to close things like FTP, SMTP, POP etc... Thanks Robert Content-Type: text/plain; charset=iso-8859-1; name=message.footer Content-Transfer-Encoding: 8bit Content-Description: -- Jennifer #221463 Yahoo IM: jlynn2k */Please don't feed the screaming idiots #include wisdom.h void ignorance (it offers no value) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] tiny firewall
I *believe* that tiny firewall is native to mandrake. (i could be very wrong here) But, if you want a very in depth Firewall setup I would recommend interactive Bastille. It will take about a half hour to set up. Every question-setting is accompanied with a detailed explaination and allows for granular control over your firewall setup. I found it was fairly intuitive to set mine up, but I could defnately see where some might not know what to do with some of the settings. Again, there is very good documentation accompanying each setting. On Thursday 30 August 2001 09:51, you wrote: howdi is there a better config program for tiny firewall than the one in mandrake setup thing (the purple computer icon) - i'm away from my machine now and can't remember it's name - I need to allow ports for network gaming (eg Quake 3 and UT) to be opened, but I want to close things like FTP, SMTP, POP etc... Thanks Robert Content-Type: text/plain; charset=iso-8859-1; name=message.footer Content-Transfer-Encoding: 8bit Content-Description: -- Jennifer #221463 Yahoo IM: jlynn2k */Please don't feed the screaming idiots #include wisdom.h void ignorance (it offers no value) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Tiny Firewall
Hi All: Can anyone tell me where the script, which the Tiny Firewall configuration tool writes, is then stored? I am interested in seeing how the script compares with IPChains and IPTables scripts. Thanks, Dennis in Waco
