I've been trying to make the switch from Windows to Debian (MATE), but I am utterly lost trying to find a replacement for my firewall (Outpost). I have become dependent on features like:
- per application outgoing/incoming TCP/UDP rules
- per application outgoing/incoming IP rules
- per application outgoing/incoming PORT rules
What I seek is a graphical firewall (or iptables GUI) that will pop up a notification that a certain program wants to connect to the internet with a certain IP over a certain PORT and connection type.
It seems like FireFlier is what I want, but I was not able to get that running because it is most likely too old and no longer compatible:
(small update on FireFlier, Martin Maurer, the compiling error could be fixed by changing the order of lines 4 and 5 in server/backend.h which would then be
And although I'm still too clueless to get the rest working, [URL]....
Also, from what I understand, I should be able to achieve this with AppArmor or SELinux, but I was unable to do so. For the rest, all I could find were firewalls like Douane, that are just not powerful enough [URL]...
I'm trying to build a firewall on Debian with 'Firewall Builder'. But it won't let me compile and run unless one interface is set as management. There are two interfaces on my computer: 'eth0' and 'lo'
I don't want to be able to configure the firewall remotely, so could I use 'lo' as the 'management interface'?
I got a script from the internet to set up a CentOS machine as a gateway server for my LAN. After installing the script, everything worked fine. In fact it does work well, but what beats me is that whenever I restart the machine, upon booting and service startup, the system hangs on starting up the networking service. Since I had never experienced this before using this script, I am confused as to whether the script could be the cause. Below is the exact script. My distro is CentOS 4.6.
#!/bin/bash
# Author: Muhammad Kamran Azeem (kamran@wbitt.com)
I installed the Firestarter firewall on Debian Squeeze. Now I note there is a GUI available in System->Administration which apparently does not need to be running all the time - it's not set up to start on boot. When I boot I notice the boot message has a line saying "Starting Firestarter firewall .... failed". When I am logged in and type "/etc/init.d/firestarter status" as the Firestarter FAQs say, I get "Firestarter is running... ... (warning)". I can run the GUI manually and still get the same message.
I suspect this is an initial configuration bug. All firewall logs seem to be going to all three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
I am learning to set up a firewall in my home; for that I have selected four systems (sys1, sys2 ... sys4) for testing. I have configured sys2 to act as a firewall with two NICs. sys3 and sys4 are inside the firewall. sys1 is not connected to the firewall, for testing purposes.
The IP assignments are as follows:
sys1: (Fedora, not connected to the firewall I am thinking, but I am not sure)
What happened is that sys1 (not connected to the firewall) can ssh to sys4 (connected, inside the firewall), since the rules are written not to ssh from sys1 to sys4.
Then I came to know that whatever request I give goes directly as sys1 --> sys4, not as sys1 --> sys2 (firewall) --> sys4, and the firewall is not filtering and processing anything for both inbound and outbound (I think it's my mistake somewhere). The requests are going directly inside without the firewall.
We have a setup of around 10 computers with 1 Linux server. We want to convert it into a centralized system where firewall services are activated from the Linux server and certain websites are restricted from access for the workstations. Is there any good software for this, open source preferably? I'm already using Debian for the web server and file server.
I installed the ferm firewall with aptitude in the debian squeeze, the ferm init script is installed to the /etc/init.d and it's enabled in the /etc/default/ferm:
# configuration for /etc/init.d/ferm
# Enable the ferm init script? (i.e. run on bootup)
ENABLED=yes
My firewall keeps blocking something called CPQ-Wbem. There have been about 10 instances of this.
A machine on the network is advertising it runs, or looks for machines running, Compaq Insight Manager on TCP/2301. If the machine isn't yours or you haven't enabled Compaq's web-based remote management then silently drop it.
Now as far as I know I do not have a network, just a DSL connection. I also do not own a Compaq computer. So if someone has some knowledge of this, could you explain to me how a "network is advertising it runs, or looks for machines running, Compaq Insight Manager on TCP/2301"? This would seem to me to be a local network thing, not a WWW thing?
How to configure my Firestarter firewall. I have a website which requires port 1935 to be open. I figured out how to open the port using Firestarter. Is there any way to make the port open only to this website, and not to every other website, for security reasons of course?
I have just switched over from Firestarter to gufw. I have set all incoming traffic to deny and all outgoing traffic to allow. I have rules set for incoming traffic, and have only opened 1 port on my system for torrents. My router also only has the same port opened, which again is for torrents. I use "Network Tools", which is included on Squeeze, and when I do a portscan of 192.168.1.100 and 127.0.0.1 I get all kinds of crazy ports coming back as opened. What is even stranger is that if I do a few scans, these ports change, so one port on one scan may come up as open, then it will disappear and a different port may show as open.
Mind you, none but the torrent port is forwarded in my router. I have no idea what any of these other ports are, or why they are even showing up. What the heck is going on? I don't think this is normal? Am I at any higher risk for attack?
Recently I have been working on iptables and trying to understand how to use it. Here's a little script I have written to set up a basic firewall for myself:
Code:
#!/bin/bash
# iptables can only be changed by root.
if [ "$(id -u)" -ne 0 ]; then
    echo "You need root privilege"
    exit 1
fi

PROG=/sbin/iptables
# Flush every existing rule in the filter table before rebuilding it.
$PROG -F

function sethttp {
    echo "Opening http port..."
    $PROG -A INPUT -p tcp --dport 80 -j ACCEPT
}

function sethttps {
    echo "Opening https port..."
    $PROG -A INPUT -p tcp --dport 443 -j ACCEPT
}

function settorrent {
    echo "Opening torrent port..."
    $PROG -A INPUT -p tcp --dport 52413 -j ACCEPT
}

# -h, -s and -t each open one inbound port.
while getopts "hst" option; do
    case "$option" in
        h) sethttp;;
        s) sethttps;;
        t) settorrent;;
        *) echo "DOH!";;
    esac
done

# Default rules: allow replies and loopback, drop everything else inbound.
$PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$PROG -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$PROG -A INPUT -i lo -j ACCEPT
$PROG -A OUTPUT -o lo -j ACCEPT
$PROG -A INPUT -j DROP
$PROG -A FORWARD -j REJECT
echo "Done setting up the firewall! Enjoy :)"
exit 0
OK, this can take 3 arguments that open ports 80, 443 and 52413. And at the end, some default rules are applied. But here's the thing I don't understand: if I don't give the argument for port 80, I can still view web pages... and also, when I remove the line:
Code: $PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Whether I say it to open port 80 or not, I can't view any web pages.
I wonder, do we need a firewall for home PCs at all? I mean, fine, for servers and stuff, but I have my own laptop station. People have different positions on this issue.
I am behind a university http proxy (squid) server and all of my internet connections have to go through it. I haven't been able to find any setting in Evolution that allows me to specify my proxy settings.
Searching on Google suggested that Evolution can't work behind proxies and works only with direct connections to the internet.
I wanted to know if there is any way round this problem. I tried posting the same question on gnome list and gnome hacking list and no reply has come so far.
I have Linux computers that are often on client networks inside firewalls. They have access to the internet but I can't access them directly. I don't want to have to get the client to mess with NATing, etc. I have written a system that uses XMPP to allow me to send commands to the computers and run simple console commands, which oftentimes is enough. These are things like run a report and ftp it up to a server, restart a process, give me a process list. It works OK, but some networks even block this (Googletalk is not universally loved for some reason).
I am wondering if there is a prebuilt system that allows a computer inside one firewall (say a standard ADSL modem created one) to communicate in some way with a computer inside a network created by another ADSL modem. I could see some sort of console like LogMeIn or pcAnywhere, but as much as I have looked I can't find anything. I have considered writing a cheap and cheerful system in HTTP or even a TCP system using asyncore in Python, but there must be something existent. I have a server on the web that could be used as an intermediary, relay type thing. Basically some sort of chat server for consoles is what I am thinking about. Is there some sort of SSH voodoo that I could bridge/tunnel/VPN through?
I have created a firewall script to work via iptables on debian. This script is a derivative from the script on [url] and a course I'm following at school.
I'm not looking for a perfect solution or someone to grade my work. How to improve this script? While running this script I get a lot of errors back.
I wanted to know which is the best firewall application for my debian squeeze amd64 home desktop. I prefer a simple interface yet powerful enough. After googling I found two options - gufw & firestarter. I am not sure which one to choose between these two.
Consolidate several lines of a CSV file with firewall rules, in order to parse them easier?
I have a .csv file, which I created using an HTML export from a Check Point firewall. The objective is to have all the firewall configuration lines where a given host is present. I have to do this for a few hundred, manually is not a reasonable option. I'm going to write a simple Python script for this.
The problem is that the output from the Check Point firewall is complicated to work with. If a firewall rule works with several source or destination hosts, services or other configurations, instead of having them separated with a symbol other than a comma, I get a new line.
This prevents me from exporting the line where the host is present, since I would be missing info.
Let me show you an example, hostnames are modified, of course:
I've got a Shorewall (Shoreline?) firewall up and running, but it's logging to /var/log/messages. I'd much rather have it logging to another location e.g. /var/log/firewall but can't find (a clear enough) explanation on how to do this. Apparently, it varies greatly depending on the distro, the kernel, and the version of Shorewall that is running. You'd think it would be something as simple as setting a path in a config file, but apparently not. I'm running a stock Lenny kernel on the firewall machine. It comes with version 4.0.15 of Shorewall.
I have a CSV file, which I created using an HTML export from a Check Point firewall policy. Each rule is represented as several lines, in some cases. That occurs when a rule has several address sources, destinations or services.
I need the output to have each rule described in only one line. It's easy to distinguish when each rule begins. In the first column, there's the rule ID, which is a number.
Here's an example. In green are marked the strings that should be moved:
See example. The strings that should be moved are in bold:
Read the first column of the next line. If there's a number:
Evaluate the first column of the next line. If there's no number there, concatenate (separating with a comma) the strings in the columns of this line with the last one and eliminate the text in the current one
The output should be something like this. The strings in bold are the ones that were moved:
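The consolidation described in the two Check Point CSV posts above, as an added example that is not part of either post: a row whose first column is a number opens a rule, rows without one are folded into it, and the host lookup then runs on whole rules. The sample data, column layout and function names are assumptions.

```python
import csv
import io

# Constructed sample (column layout and names are assumptions, not the
# poster's data): a rule starts where column 1 holds a number; continuation
# rows leave column 1 empty and carry extra sources/destinations/services.
SAMPLE = """\
No,Source,Destination,Service,Action
1,host-a,srv-web,http,accept
,host-b,,https,
,host-c,,,
2,net-lan,Any,dns,accept
3,host-ab,srv-db,tcp-1521,accept
,,srv-db2,,
"""


def consolidate(text):
    """Return (header, rules); each rule is a list of per-column value lists."""
    header, rules = None, []
    for row in csv.reader(io.StringIO(text)):
        cells = [c.strip() for c in row]
        if not any(cells):
            continue                      # blank line
        if cells[0].isdigit():            # numbered row opens a new rule
            rules.append([[c] if c else [] for c in cells])
        elif rules:                       # continuation of the last rule
            rule = rules[-1]
            rule.extend([] for _ in range(len(cells) - len(rule)))
            for i, c in enumerate(cells):
                if c:
                    rule[i].append(c)
        elif header is None:              # text row before any rule: header
            header = cells
    return header, rules


def rules_for_host(rules, host):
    """Rules where `host` is an exact cell value (no substring matches)."""
    return [r for r in rules if any(host in col for col in r)]


def to_csv(header, rules):
    """One line per rule; multi-valued cells are comma-joined and quoted."""
    out = io.StringIO()
    lines = ([header] if header else []) + [[",".join(c) for c in r] for r in rules]
    csv.writer(out, lineterminator="\n").writerows(lines)
    return out.getvalue()
```

Matching on whole cell values keeps a search for `host-a` from also returning rules that only mention `host-ab`, which a plain substring search over the raw lines would do.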
I have some files with .sh extensions that run some software. Now, how do I stop running those files? I know we run the command ./start_tomcat.sh to start Apache. Is there any command to stop that file/process, or is it just killing the process to stop it?
I need to run a backup script once a day, but crontab needs a set time to run, and sometimes the hour to run is missed and the script doesn't trigger. I'd like to run the script at any time, once a day.
Well, I am doing an assignment about Debian OS 5, so I need some info about deadlocks and how to kill a process using a GUI. I already found a way to do it on the command line.