Re: Shorewall on Mandrake 9.2

From: Alan Raskin (araskin_at_allstream.net)
Date: 02/29/04

• Next message: Duane Arnold: "Re: BlackIce new release ccd"
• Previous message: Duane Arnold: "Re: BlackIce new release ccd"
• In reply to: johnny_at_n0sq.net: "Shorewall on Mandrake 9.2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 28 Feb 2004 20:53:03 -0800

johnny@n0sq.net wrote:
> I have Shorewall working OK on one of my Mandrake 9.1 boxes but it blocks
> all outgoing traffic on the Mandrake 9.2 box even though the default is to
> allow all outgoing traffic. I tried uninstalling, installing and
> reconfiguring to no avail. I have a similar problem on my notebook running
> Mandrake 9.1. What "gives"?

I think I had the same problem some time ago with 9.0. Below are my
notes about my resolution of the problem:

- Alan

The Mandrake 9.0 installation sets up Shorewall ("Shoreline firewall")
incorrectly. You'll need to visit www.shorewall.net, click on the "Quick
Start Guides (HOWTOs)" link in the left frame, click on the "Standalone
Linux system" link in the right frame, scroll down to the "Shorewall
Concepts" section and download the "one-interface sample". gunzip and
tar -vxf the downloaded one-interface.gtz, then edit the "interfaces"
file and change "eth0" to "ppp0" near the bottom of the file. Copy all
the sample files into /etc/shorewall, then run "shorewall restart" to
restart the firewall with the new configuration.

You'll need to be root, of course.

If you only have access to the Internet through your Linux system, run
"shorewall stop" and "shorewall clear" to shut down the firewall; don't
leave the firewall down for too long, though.

common:

. /etc/shorewall/common.def
run-iptables -A common -p udp --sport 53 -mstate --state NEW -j DROP

interface:

net ppp0 detect norfc1918,routfilter,dhcp

zones:

net Net Internet

---

• Next message: Duane Arnold: "Re: BlackIce new release ccd"
• Previous message: Duane Arnold: "Re: BlackIce new release ccd"
• In reply to: johnny_at_n0sq.net: "Shorewall on Mandrake 9.2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Shorewall glitch ... >I'm coming off a Mandrake 7.2 system which uses ipchains. ... I assumed iptables would be similar, but that has turned out to ... >shorewall, and they took the form of a "wizard" which I knew was a bad sign. ... There are 3 chains each chain has its own default Policy ... (comp.os.linux.security) Re: Mandrake 10, gateway/firewall setup HOWTO? ... Go into the Mandrake Control Center under security, firewall ... I would load webmin to allow you to play with the shorewall firewall files. ... I assume you have loaded your /etc/hosts file with LAN definitions. ... (comp.os.linux.networking) cant take it anymore: samba/firewall ... I barely qualify as a networking noob so it's ... win98 guest can print via samba just fine... ... Shorewall is set up perfectly for what I need so long as I don't want to ... If I shut the firewall off I don't ... (comp.os.linux.networking) [Full-disclosure] [SECURITY] [DSA 849-1] New shorewall packages fix firewall bypass ... "Supernaut" noticed that shorewall, the Shoreline Firewall, could ... If you are using the apt-get package manager, ... Debian GNU/Linux 3.1 alias sarge ... (Full-Disclosure) [SECURITY] [DSA 849-1] New shorewall packages fix firewall bypass ... "Supernaut" noticed that shorewall, the Shoreline Firewall, could ... If you are using the apt-get package manager, ... Debian GNU/Linux 3.1 alias sarge ... (Bugtraq)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.firewalls  > 2004-02