Re: [newbie] Firewall setup
On Friday 08 March 2002 01:38, Dr Joe Brand wrote: iptables and Bastille are installed, but drakconf still can't find them. I've removed them and reinstalled them to no avail. I think there is a problem with drakconf and the wizards it uses. When I start drakconf the following message apears in the shell window Subroutine _ redefined at /usr/X11R6/bin/drakconf.real line 271. Subroutine translate redefined at /usr/X11R6/bin/drakconf.real line 276. wizard-3.2.1-5mdk Then I click on the security-firewall and this error message appears. no package named iptables no package named Bastille What needs to be done to fix this? You could try updating your rpm database. In a terminal as root type # rpm --rebuilddb skinky -- oxymoron: Microsoft Works Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Firewall setup
iptables and Bastille are installed, but drakconf still can't find them. I've removed them and reinstalled them to no avail. I think there is a problem with drakconf and the wizards it uses. When I start drakconf the following message apears in the shell window Subroutine _ redefined at /usr/X11R6/bin/drakconf.real line 271. Subroutine translate redefined at /usr/X11R6/bin/drakconf.real line 276. wizard-3.2.1-5mdk Then I click on the security-firewall and this error message appears. no package named iptables no package named Bastille What needs to be done to fix this? Joe Ashley Reynolds wrote: On Wed, 6 Mar 2002, Dr Joe Brand wrote: Where can I get information on configuring a firewall? The GUI in drakconf is hosed. It says I need to install iptables and Basstille. You could easily install iptables and Bastille to fix DrakConf, by issuing the following commands, as root: urpmi iptables urpmi Bastille I would rather understand how to configure manually and what files need to be edited. You might want to look for documentation on 'iptables' then. Ashley -- Ashley Reynolds [EMAIL PROTECTED] http://www.binarytide.net An eye for an eye leaves the whole world blind. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Firewall setup
On Wed, 6 Mar 2002, Dr Joe Brand wrote: Where can I get information on configuring a firewall? The GUI in drakconf is hosed. It says I need to install iptables and Basstille. You could easily install iptables and Bastille to fix DrakConf, by issuing the following commands, as root: urpmi iptables urpmi Bastille I would rather understand how to configure manually and what files need to be edited. You might want to look for documentation on 'iptables' then. Ashley -- Ashley Reynolds [EMAIL PROTECTED] http://www.binarytide.net An eye for an eye leaves the whole world blind. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] firewall setup
Michael D. Viron wrote: Paul, First please try not to send an htmlized e-mail to the list, as sometimes people will see it as below, with all kinds of extra, html related stuff that makes it much harder to read. And others of us may see a very small unreadable typeface, or perhaps very large, or maybe even just right, but too small far too often. (on my 800x600 standard display) Randy Kramer
Re: [newbie] firewall setup
you can select three different options: 1: ethernet to 56k 2: ethernet to ethernet router/firewall (this is what i use. i have a cable modem and it works great) 3: ethernet to ethernet bridge I can explain in more detain if you need. just let me know James Massardo - Original Message - From: s [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, May 23, 2001 4:10 PM Subject: Re: [newbie] firewall setup I tried that route, but didn't have much luck. It seemed to want to be a bridge for ethernet with only connection capablities for 56k dial up. Is this correct or did I misunderstand/ do something wrong? -s On Wednesday 23 May 2001 01:14 pm, you wrote: a realy good firewall/dhcp/proxy server can be found at http://www.freesco.org i run it on an old 486 and it runs off one floppy disk
RE: [newbie] Firewall setup tool
Title: RE: [newbie] Firewall setup tool You may want to go to the Bastille web page and download the final release of Bastille. The one in 8.0 is release candidate 2 or something like that. InteractiveBastille should run out of /usr/sbin and you can do it in an x window su console if you load the Bastille-Tk-module*. It is then easier to look at and works quite well. Dennis M. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sridhar Dhanapalan Sent: Thursday, May 24, 2001 7:49 AM To: [EMAIL PROTECTED] Subject: [newbie] Firewall setup tool Hiya people, I just found a great tool hidden in Mandrake 8 that allows you to fine-tune the Bastille firewall (among other things) that can be set up from the Mandrake Control Centre. Just type InteractiveBastille in a root xterm. I have no idea why Mandrake chose to hide it the way they did (it's not in any of the GUI menus) -- it's such a great configuration tool, both easy to use and quite powerful. -- Sridhar Dhanapalan. There are two major products that come from Berkeley: LSD and UNIX. We don't believe this to be a coincidence. -- Jeremy S. Anderson
Re: [newbie] firewall setup
Thanks, and thanks for the offer to help further. I'll probably give it a shot again later today. Do you suppose i can still use my current gateway as a router for the internal lan and use the freesco for like a firewall between it and the internet? And how do I connect to adsl, as I use rp-pppoe currently, what do I do with freesco? As another way, Would it work if I set it up as a bridge between the internet and the dsl modem/lan? Would rp-pppoe still connect out through it? I doubt it. I could set it up as a bridge between the gateway and the lan, but I'd like to protect the gateway machine as well. I'd really like freesco to be my first line of defense. (That machine I want to put it on has a new unformatted hdd, and I'd like to keep it that way where hackers will only have what's in ram to mess with. They shouldn't have enough ram left to do much and then if they do get thru, they still have to contend with Bastille (is that what mandrake's firewall setup in control center uses?) on the present gateway. And then portsentry on the linux workstations and ZoneAlarm on the windows. How do you have your network set up? I'm not getting scanned as much now, but a couple of weeks ago, I was getting hammered! I think I even got compromised, as some critical file permissions had changed and my root password became iffy on the gateway. I was using pmfirewall with ipchains then. I feel a little more secure with this iptables thing in mandrake, but would feel better if I could get something else between us and the crackers. thanks. -s On Thursday 24 May 2001 09:03 am, James Massardo wrote: you can select three different options: 1: ethernet to 56k 2: ethernet to ethernet router/firewall (this is what i use. i have a cable modem and it works great) 3: ethernet to ethernet bridge I can explain in more detain if you need. just let me know James Massardo - Original Message - From: s [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, May 23, 2001 4:10 PM Subject: Re: [newbie] firewall setup I tried that route, but didn't have much luck. It seemed to want to be a bridge for ethernet with only connection capablities for 56k dial up. Is this correct or did I misunderstand/ do something wrong? -s On Wednesday 23 May 2001 01:14 pm, you wrote: a realy good firewall/dhcp/proxy server can be found at http://www.freesco.org i run it on an old 486 and it runs off one floppy disk
Re: [newbie] firewall setup
ok ill try not to get carried away. the cable comes into my house, into my cable modem, into eth0 in my gateway. then i have eth1 hooked to my hub which hooks to the rest of my computers. the gateway is an old 486dx 66 with two nics, video, and a floppy drive. freesco runs off of the floppy. my isp uses dhcp so eth0 is set to dhcp. i also have the dhcp server running in freesco so it serves ip addresses to all my computers. i live in a rural area so we dont get many attacks. the good thing about freesco is if you screw it up you can just pop it in to another machine, format the disk, and reload it back up. it takes less that 5min for me to set up the routing and firewall/nat on the gateway. sll you have to do to get the dhcp server is tell the setup that you want to use it. as for the rp-pppoe im not sure. we dont have that here. i will look thru the documentation i have and i will let you know if i find anything hope this helps. if you have any other questions, just ask, if i know i will gladly share. i hope everyone on this list feel this same way. i have only been using it(the list) for a little while and i have learned alot. i hope it will stay that way. james massardo From: s [EMAIL PROTECTED] To: Newbie [EMAIL PROTECTED] Subject: Re: [newbie] firewall setup Date: Thu, 24 May 2001 15:22:51 -0500 Thanks, and thanks for the offer to help further. I'll probably give it a shot again later today. Do you suppose i can still use my current gateway as a router for the internal lan and use the freesco for like a firewall between it and the internet? And how do I connect to adsl, as I use rp-pppoe currently, what do I do with freesco? As another way, Would it work if I set it up as a bridge between the internet and the dsl modem/lan? Would rp-pppoe still connect out through it? I doubt it. I could set it up as a bridge between the gateway and the lan, but I'd like to protect the gateway machine as well. I'd really like freesco to be my first line of defense. (That machine I want to put it on has a new unformatted hdd, and I'd like to keep it that way where hackers will only have what's in ram to mess with. They shouldn't have enough ram left to do much and then if they do get thru, they still have to contend with Bastille (is that what mandrake's firewall setup in control center uses?) on the present gateway. And then portsentry on the linux workstations and ZoneAlarm on the windows. How do you have your network set up? I'm not getting scanned as much now, but a couple of weeks ago, I was getting hammered! I think I even got compromised, as some critical file permissions had changed and my root password became iffy on the gateway. I was using pmfirewall with ipchains then. I feel a little more secure with this iptables thing in mandrake, but would feel better if I could get something else between us and the crackers. thanks. -s On Thursday 24 May 2001 09:03 am, James Massardo wrote: you can select three different options: 1: ethernet to 56k 2: ethernet to ethernet router/firewall (this is what i use. i have a cable modem and it works great) 3: ethernet to ethernet bridge I can explain in more detain if you need. just let me know James Massardo - Original Message - From: s [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, May 23, 2001 4:10 PM Subject: Re: [newbie] firewall setup I tried that route, but didn't have much luck. It seemed to want to be a bridge for ethernet with only connection capablities for 56k dial up. Is this correct or did I misunderstand/ do something wrong? -s On Wednesday 23 May 2001 01:14 pm, you wrote: a realy good firewall/dhcp/proxy server can be found at http://www.freesco.org i run it on an old 486 and it runs off one floppy disk _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: [newbie] firewall setup
I tried that route, but didn't have much luck. It seemed to want to be a bridge for ethernet with only connection capablities for 56k dial up. Is this correct or did I misunderstand/ do something wrong? -s On Wednesday 23 May 2001 01:14 pm, you wrote: a realy good firewall/dhcp/proxy server can be found at http://www.freesco.org i run it on an old 486 and it runs off one floppy disk
Re: [newbie] firewall setup
Well, the connection, firewall, and ipmasq in pretty easy in 8.0. I can't help with the samba cause we don't really want ours to communicate to each other. But with the prior, if you are doing a fresh install, choose set up lan and put in your ips for each of your machines and a submask. Then once you boot. Uninstall mdk rp-pppoe and Install rp-pppoe 3.0 (I think it is, their latest) cause I still haven't any luck with mdk version. Go into Mandrake Control Center under connection sharing and fill in the few blanks/questions. Go into the firewall part and answer the few questions. Then in a terminal type: adsl-setup. Answer the few questions. Type adsl-start and you should all be on the internet. These are the basic steps and easier said than done. If you need more help, the list is here. You may have to check around the internet for info on samba. -s On Wednesday 23 May 2001 12:45 pm, you wrote: Hi, everybody. I would like to set up a heterogenous home LAN using a Mandrake 8 desktop computer (with 2 NICs) as a firewall/router/connection to the internet (and normal workstation when needed), with one win98/mandrake8 laptop and one MacOS9/Suse7.1ppc desktop as peers to each other, connecting to the internet through the Mandrake 8 desktop and able to communicate to each other freely. Can anyone help me on how to begin this project? I am very new to networking, and am not sure how to setup a firewall/router, (or even the presice terms to describe what I'm doing). I would appreciate any help you can give me both in terms of pointing me towards available material and helping explain to me in simple terms what's involved. I figure the process should go in 4 simple? steps. -Setting up the router/workstation to work with 2 NICs and properly connect to the internet. -Set up the above computer as a gateway/firewall to the other two computers -set up the other two systems to connect to the internet through the gateway, then to each other (in Linux) -set up the other two systems to connect to the internet through the gateway, then to each other (in their respective dual-boot environments) I can't stress how much of a newbie I am with this, and I very much appreciate your help. Thank you. -Paul R Content-Type: text/html; charset=iso-8859-1; name=Attachment: 1 Content-Transfer-Encoding: quoted-printable Content-Description:
Re: [newbie] Firewall Setup
I'd like to know if there's a way to allow ICQ to function through a firewall on a Linux Machine. So far, I haven't been able to find a solution. I don't know about the linux version, but the Windows version has proxy support. Since ICQ acts as a server, but listens to dynamic port, it requires the use of a SOCKS proxy/firewall. Check your ICQ settings. ELB -- Eric L. Brine | Chicken: The egg's way of making more eggs. [EMAIL PROTECTED] | Do you always hit the nail on the thumb? ICQ# 4629314 | An optimist thinks thorn bushes have roses.
RE: [newbie] Firewall Setup
With the winblows version you can also setup ICQ to listen on a particular range of ports, usually around about 20 are needed. If you have several machines running ICQ through a single proxy then you need to set up each instance of ICQ to use a different range of ports. Obviously you will need to open these ports in your proxy. Hope this helps a little. There is also info on this in the ICQ homepage. Cheers: Michael Perry. RD. Dep. Netafim Magal. Linux -- the Ultimate Windows Service Pack -Original Message- From: Eric L. Brine [SMTP:[EMAIL PROTECTED]] Sent: Sun 16 April 2000 10:18 To: [EMAIL PROTECTED] Subject: Re: [newbie] Firewall Setup I'd like to know if there's a way to allow ICQ to function through a firewall on a Linux Machine. So far, I haven't been able to find a solution. I don't know about the linux version, but the Windows version has proxy support. Since ICQ acts as a server, but listens to dynamic port, it requires the use of a SOCKS proxy/firewall. Check your ICQ settings. ELB -- Eric L. Brine | Chicken: The egg's way of making more eggs. [EMAIL PROTECTED] | Do you always hit the nail on the thumb? ICQ# 4629314 | An optimist thinks thorn bushes have roses.
Re: [newbie] Firewall Setup
With the winblows version you can also setup ICQ to listen on a particular range of ports, usually around about 20 are needed. If you have several machines running ICQ through a single proxy then you need to set up each instance of ICQ to use a different range of ports. Obviously you will need to open these ports in your proxy. Hope this helps a little. There is also info on this in the ICQ homepage. Where shall I start reading about Proxies? What's the name of a good SOCKS5 compatible Linux software? (Is it SQUID?)