Author Topic: Can't Seem To Set-up Firewall.....  (Read 1559 times)

never_stop_learning

Can't Seem To Set-up Firewall.....
« on: January 15, 2008, 12:03:14 am »
Running VL 5.9 Standard.

VASM >> Network >> Firewall >> New

I went with the defaults in 'Open'.

Start.

Enable.

And this is my iptables -L output:

Quote
vector:/~
root:# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Which tells me that I have not set the firewall up correctly?????

Where did I go wrong?

Thank you.....
Laptop: IBM X60s (Centrino/Duo, 2gb ram, 80gb hd) VL 6.0 Std
Netbook: HP Mini (Intel Atom 1ghz, 2gb ram, 16gb SSD + 8gb flash ) VL 6.0 Std
Desktop: Dell Dimension 5150 (P4 3ghz, 2gb ram, 80gb hd) VL 6.0 Std
Wife's Desktop: Gateway (P4 2ghz, 1gb ram, 80gb hd) VL 6.0 Std

never_stop_learning

Re: Can't Seem To Set-up Firewall.....
« Reply #1 on: January 15, 2008, 08:49:49 am »
Different machine running VL 5.8 Standard.

I followed the same steps and get this output from iptables -L:

Quote
vector:/~
root:# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:microsoft-ds
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpts:netbios-ns:netbios-ssn
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:microsoft-ds
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpts:netbios-ns:netbios-ssn
ACCEPT     all  --  anywhere             anywhere
TRUSTED    all  --  anywhere             anywhere            state NEW

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DROP       icmp --  anywhere             anywhere            state INVALID

Chain TRUSTED (1 references)
target     prot opt source               destination
ACCEPT     all  --  192.168.0.0/24       anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
DROP       icmp --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable
vector:/~
root:#

I am confused by the different results between 5.8 and 5.9. The same steps seem to work in 5.8 but not in 5.9. I even tried VL Easytables in 5.9 but still got the same (ACCEPT everything) result. Should I have followed different steps to set up the firewall in 5.9 Standard?
« Last Edit: January 15, 2008, 10:56:41 am by never_stop_learning »
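
A check for the empty-ruleset state shown in the first listing, as an added example that is not part of the original posts: it reduces `iptables -L` text to one line per chain (name, policy, rule count) and reports whether any filtering is loaded. The function names are made up for this example, and the 5.8 sample is abridged from the second listing.

```shell
# Added example: reduce `iptables -L` text to "CHAIN POLICY RULES" lines.
summarize_chains() {
    awk '
        /^Chain / {
            if (name != "") print name, policy, rules
            name = $2; rules = 0
            # Built-in chains read "(policy X)"; user chains "(N references)".
            policy = ($3 == "(policy") ? $4 : "-"
            sub(/\)$/, "", policy)
            next
        }
        $1 == "target" { next }              # column header
        NF >= 5 && name != "" { rules++ }    # rule rows; skips blanks and prompts
        END { if (name != "") print name, policy, rules }'
}

# Exit 0: only ACCEPT-policy chains with no rules. 1: rules loaded. 2: no chains parsed.
ruleset_is_empty() {
    summarize_chains | awk '
        $2 != "ACCEPT" || $3 != 0 { loaded = 1 }
        END { if (NR == 0) exit 2; exit (loaded ? 1 : 0) }'
}

# Listing from the first post (VL 5.9), blank lines dropped.
listing_59() { cat <<'EOF'
root:# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}
# Abridged from the second post (VL 5.8).
listing_58() { cat <<'EOF'
Chain INPUT (policy DROP)
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
TRUSTED    all  --  anywhere             anywhere            state NEW
Chain OUTPUT (policy ACCEPT)
DROP       icmp --  anywhere             anywhere            state INVALID
Chain TRUSTED (1 references)
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable
EOF
}
for l in listing_59 listing_58; do
    echo "== $l"; "$l" | summarize_chains
    if "$l" | ruleset_is_empty; then echo "no rules loaded"; else echo "rules present"; fi
done
```

On a live system, run `iptables -L -n | ruleset_is_empty` as root. Plain `iptables -L` omits the interface columns, so a row that looks like an unconditional `ACCEPT all` may in fact be limited to one interface; `iptables -L -n -v` shows them.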