Firewall config - Help


  1. Firewall config

    I've got a stock Mandrake 9.1 system that I use over ssh. I originally
    configured the firewall with the GUI utility, but I can't use that over ssh.
    Where is the firewall config file located?

    Thanks!
    - Pete



  2. Re: Firewall config

    answer

    look in /etc/sysconfig/iptables

    shibu



    "Pete" wrote in message news:...
    > I've got a stock Mandrake 9.1 system that I use over ssh. I originally
    > configured the firewall with the GUI utility, but I can't use that over ssh.
    > Where is the firewall config file located?
    >
    > Thanks!
    > - Pete


  3. Re: Firewall config

    SHIBU wrote:
    > answer
    >
    > look in /etc/sysconfig/iptables
    >
    > shibu
    >
    >
    >
    > "Pete" wrote in message
    > news:...
    >> I've got a stock Mandrake 9.1 system that I use over ssh. I originally
    >> configured the firewall with the GUI utility, but I can't use that
    >> over ssh. Where is the firewall config file located?
    >>
    >> Thanks!
    >> - Pete


    Thank you!

    - Pete



  4. Re: Firewall config

    "Petec" wrote ...
    > SHIBU wrote:
    > > "Pete" wrote ...
    > > > I've got a stock Mandrake 9.1 system that I use over ssh. I
    > > > originally configured the firewall with the GUI utility, but I
    > > > can't use that over ssh. Where is the firewall config file
    > > > located?

    > >
    > > look in /etc/sysconfig/iptables

    >
    > Thank you!


    It is not recommended that you edit /etc/sysconfig/iptables directly.
    The way I do it is to write a script that runs /sbin/iptables to add
    rules one by one, run that script, and then:

    '/sbin/iptables-save > /etc/sysconfig/iptables'

    Here's an example script that leaves port 22 (ssh) open. Modify it as
    you please. Use the contents of /etc/sysconfig/iptables as a guide.

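    #!/bin/sh
    PATH=/sbin:$PATH
    # Start clean: remove all rules, then all user-defined chains
    iptables --flush
    iptables --delete-chain
    # Build one chain holding the whole policy
    iptables -N block
    # Accept loopback traffic
    iptables -A block -i lo -j ACCEPT
    # Accept packets belonging to, or related to, existing connections
    iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Accept new inbound ssh connections (tcp port 22)
    iptables -A block -m state --state NEW -p tcp --dport 22 -j ACCEPT
    # Drop everything else
    iptables -A block -j DROP
    # Built-in policies stay ACCEPT; filtering is done by jumping to "block"
    iptables -P INPUT ACCEPT
    iptables -A INPUT -j block
    iptables -P FORWARD ACCEPT
    iptables -A FORWARD -j block
    # Outbound traffic is unrestricted
    iptables -P OUTPUT ACCEPT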
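
The last post's workflow ends by writing the live ruleset to /etc/sysconfig/iptables; on a machine reached only over ssh, a saved ruleset that drops before it accepts port 22 locks you out at the next reload. The following is an added example, not part of the thread, that checks an `iptables-save` dump before persisting it. The function names, the `IPTABLES_SAVE` override and the sample dumps are assumptions made up for illustration.

```sh
# Added example, not from the thread. Heuristic: one chain, exact --dport only.
# check_ssh_open CHAIN PORT < iptables-save dump
# Succeeds if CHAIN accepts tcp/PORT before its first unconditional DROP/REJECT.
check_ssh_open() {
    awk -v chain="${1:-block}" -v port="${2:-22}" '
        function has(flag, val,   i) {
            for (i = 3; i < NF; i++) if ($i == flag && $(i + 1) == val) return 1
            return 0
        }
        $1 == "-A" && $2 == chain {
            # Target directly after the chain name: the rule matches everything.
            if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) exit
            if (has("-p", "tcp") && has("--dport", port) && has("-j", "ACCEPT")) {
                found = 1; exit
            }
        }
        END { exit(found ? 0 : 1) }
    '
}

# save_rules_checked [DEST]: persist the live rules only if the check passes.
# IPTABLES_SAVE is an override hook invented for this example (used for testing).
save_rules_checked() {
    dest=${1:-/etc/sysconfig/iptables}
    tmp=$(mktemp) || return 1
    if ${IPTABLES_SAVE:-/sbin/iptables-save} > "$tmp" &&
       check_ssh_open block 22 < "$tmp"; then
        cat "$tmp" > "$dest"; rc=$?
    else
        echo "not saving: chain block has no tcp/22 ACCEPT before its DROP" >&2; rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Constructed dumps in iptables-save format (not captured from a real host).
GOOD_DUMP='*filter
:block - [0:0]
-A INPUT -j block
-A block -m state --state RELATED,ESTABLISHED -j ACCEPT
-A block -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A block -j DROP
COMMIT'
BAD_DUMP='*filter
:block - [0:0]
-A INPUT -j block
-A block -j DROP
-A block -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'
```

After running the rule script as root, call `save_rules_checked` in place of the bare `iptables-save` redirect. The check does not follow jumps into other chains or understand multiport and port-range matches.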
