VectorLinux
June 19, 2013, 01:18:23 pm *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Visit our home page for VL info. To search the old message board go to http://vectorlinux.com/forum1. The first VL forum is temporarily offline until we can find a host for it. Thanks for your patience.
 
Now powered by KnowledgeDex.
   Home   Help Search Login Register  
Please support VectorLinux!
VectorLinux > The nuts and bolts > Networking & Security > Can't Seem To Set-up Firewall.....
Pages: [1]
« previous next »
  Print  
Author Topic: Can't Seem To Set-up Firewall.....  (Read 1138 times)
never_stop_learning
Vectorite
***
Posts: 263


WWW
« on: January 15, 2008, 12:03:14 am »
Running VL 5.9 Standard.

VASM >> Network >> Firewall >> New

I went with the defaults in 'Open'.

Start.

Enable.

And this is my iptables -L output:

Quote
vector:/~
root:# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Which tells me that I have not set the firewall up correctly?Huh?

Where did I go wrong?

Thank you.....
Logged
Laptop: IBM X60s (Centrino/Duo, 2gb ram, 80gb hd) VL 6.0 Std
Netbook: HP Mini (Intel Atom 1ghz, 2gb ram, 16gb SSD + 8gb flash ) VL 6.0 Std
Desktop: Dell Dimension 5150 (P4 3ghz, 2gb ram, 80gb hd) VL 6.0 Std
Wife's Desktop: Gateway (P4 2ghz, 1gb ram, 80gb hd) VL 6.0 Std
never_stop_learning
Vectorite
***
Posts: 263


WWW
« Reply #1 on: January 15, 2008, 08:49:49 am »
Different machine running VL 5.8 Standard.

I followed the same steps and get this output from iptables -L:

Quote
vector:/~
root:# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:microsoft-ds
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpts:netbios-ns:netbios-ssn
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:microsoft-ds
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpts:netbios-ns:netbios-ssn
ACCEPT     all  --  anywhere             anywhere
TRUSTED    all  --  anywhere             anywhere            state NEW

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
DROP       icmp --  anywhere             anywhere            state INVALID

Chain TRUSTED (1 references)
target     prot opt source               destination
ACCEPT     all  --  192.168.0.0/24       anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
DROP       icmp --  anywhere             anywhere
REJECT     all  --  anywhere             anywhere            reject-with icmp-port-unreachable
vector:/~
root:#

I am confused by the different results etween 5.8 and 5.9. The same steps seem to work in 5.8 but not in 5.9. I even tried VL Easytables in 5.9 but still got the same (ACCEPT everything) result. Should I have followed different steps to set-up the firewall in 5.9 Standard?
« Last Edit: January 15, 2008, 10:56:41 am by never_stop_learning » Logged
Laptop: IBM X60s (Centrino/Duo, 2gb ram, 80gb hd) VL 6.0 Std
Netbook: HP Mini (Intel Atom 1ghz, 2gb ram, 16gb SSD + 8gb flash ) VL 6.0 Std
Desktop: Dell Dimension 5150 (P4 3ghz, 2gb ram, 80gb hd) VL 6.0 Std
Wife's Desktop: Gateway (P4 2ghz, 1gb ram, 80gb hd) VL 6.0 Std
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.14 | SMF © 2006-2011, Simple Machines LLC Valid XHTML 1.0! Valid CSS!