Em 13/02/2019 00:54, deonte.street...@protonmail.com escreveu:
> Complete Noob here I’m trying to install firewalld on Trisquel from the
> source tar.gz file but I’m not exactly sure how to do so
I don't know what you want to do with firewalld, but I personally use
iptables, which is already installed by Trisquel's default. The note is
that NetworkManager (also installed by default) makes iptables stay in
allow-everything by default. Both iptables and NetworkManager are good
to have, don't uninstall. Instead, configure this one to allow iptables
to coexist while still letting NetworkManager control the connections.
To allow iptables to coexist with NetworkManager, you will need to make
a simple text file in "/etc/NetworkManager/dispatcher.d" whose name
would appear first when sorting alphabetically, I would suggest any name
starting with "01" (a zero and the number 1).
In that file, put something like this (not tested, some tweaks or test
might need to be done):
--cut-here-
case "$2" in
up) /sbin/iptables-restore -c < /etc/iptables.rules;;
down) /sbin/iptables-save -c > /etc/iptables.rules;;
*) ;;
esac
--cut-here-
Set the permissions and ownership of simple text file created like this:
--cut-here-
chmod "u=rwx,g=rx,o=rx" "File"
chown "root:root" "File"
--cut-here-
Restart the computer and from now on you can use the power of iptables
to do more than what port-based firewalls do, by using a packet
inspection driven rule set.
signature.asc
Description: OpenPGP digital signature
