guarddog firewall still active after de-installation (bug) - Network

This is a discussion on guarddog firewall still active after de-installation (bug) - Network ; I couldn't find the bugzilla relevant to Linux's 'guarddog' firewall, so I will post this problem/issue/bug here: On distro MEPIS 2004, which is a Debian-based distro, after installing guarddog v2.4.0 and activating it, I see what I consider to be ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: guarddog firewall still active after de-installation (bug)

  1. guarddog firewall still active after de-installation (bug)

    I couldn't find the bugzilla relevant to Linux's 'guarddog' firewall, so I
    will post this problem/issue/bug here:

    On distro MEPIS 2004, which is a Debian-based distro,

    after installing guarddog v2.4.0 and activating it, I see

    what I consider to be a somewhat-subtle but very confusing

    anomoly (bug).

    I had checked the disable-box in guarddog's GUI (well, I thought I had)

    and then noticed that the node could not be PINGed and that I could not

    reach the ftpd that was running there. Suspecting (correctly) that it might

    be

    that guarddog was still activated, I then reasoned that since I wanted to

    permanently disable guarddog (because there was an outer hardware-firewall

    already

    in place), decided to just DE-INSTALL guarddog completely. So I did that

    (using the semantics of 'apt-get remove guarddog', which is standard

    method).

    Maybe you can guess the rest? Even after de-installing, guarddog is

    still 'operational'!!! (To me, that is a BUG!)

    If one understood the details of implementation, one might realize why.

    I'm guessing here but I suspect that an ip-tables [i.e. 'data' remains in

    place]

    that allows guarddog to function without an 'active process'. But, the vast

    majority of users/managers of Linux don't know implementation detail at that

    level.

    (Nor should they be expected to!)

    Not sure how many other distros/platforms have this bug, but I would

    suspect

    that more than a few do.

    Cheers...

    Dave



  2. Re: guarddog firewall still active after de-installation (bug)

    In article , David Cook wrote:

    >I couldn't find the bugzilla relevant to Linux's 'guarddog' firewall, so I
    >will post this problem/issue/bug here:


    Hmmm, well I see you also posted this to alt.os.linux.suse. You are posting
    from the comcast.net news server, and I know it carries the regular
    comp.os.linux.* hierarchy - maybe you'd have better luck posting there.

    >On distro MEPIS 2004, which is a Debian-based distro,


    and thus, your post to a SuSE group as opposed to the Debian groups is
    questionable. Debian (and clones like Feather, Gibraltar, Kalango,
    Mepis, Munjoy, Physictools or Ubuntu) are not generally thought of as
    a beginner's distribution, any more that Gentoo or Slackware and clones.
    You may have better luck with a more popular distribution, like Fedora,
    Mandriva (formally Mandrake) or SuSE.

    >after installing guarddog v2.4.0 and activating it, I see
    >what I consider to be a somewhat-subtle but very confusing
    >anomoly (bug).
    >I had checked the disable-box in guarddog's GUI (well, I thought I had)
    >and then noticed that the node could not be PINGed and that I could not
    >reach the ftpd that was running there.


    Did you also stop the firewall? As for ftpd, there may also be controls
    in tcp_wrappers as well. 'man 5 hosts_access' discusses this, as does the
    Security-Quickstart-HOWTO.

    >Suspecting (correctly) that it might be
    >that guarddog was still activated, I then reasoned that since I wanted to
    >permanently disable guarddog (because there was an outer hardware-firewall
    >already in place),


    Actually, guarddog and most of the other "firewalls" are just wrappers or
    helpers to configure the real firewall, which is 'iptables' - a part of
    the kernel. These helper applications may (or may not) make it easier to
    do a task, but they often mask what is really being done.

    >decided to just DE-INSTALL guarddog completely. So I did that
    >(using the semantics of 'apt-get remove guarddog', which is standard
    >method).


    Yes, you used the package manager to remove the package. However since
    the real firewall is integral with the kernel, all you are doing is removing
    the knobs that you were using to control the firewall. The firewall itself
    being part of the kernel is going to continue to run until you disable that.

    >Maybe you can guess the rest? Even after de-installing, guarddog is
    >still 'operational'!!! (To me, that is a BUG!)


    As above - 'guarddog' isn't the firewall, it's the knobs that you can
    twiddle to set the iptables firewall.

    >If one understood the details of implementation, one might realize why.
    >I'm guessing here but I suspect that an ip-tables [i.e. 'data' remains in
    >place] that allows guarddog to function without an 'active process'.


    No, you are misunderstanding the functions of "guarddog" and iptables.
    It's the other way around.

    >But, the vast majority of users/managers of Linux don't know implementation
    >detail at that level.


    There are 470 plus HOWTOs, and mini-howtos totalling a bit over 3.9 million
    words, or about 11,900 pages. These may be installed on your system, but if
    not, you can get them from

    http://ibiblio.org/pub/linux/docs/HOWTO/
    http://en.tldp.org/HOWTO/HOWTO-INDEX/howtos.html

    The Linux Documentation Project has twentyseven books that you can download,
    covering many aspects of Linux.

    http://ibiblio.org/pub/linux/docs/linux-doc-project/
    http://tldp.org/guides.html

    >(Nor should they be expected to!)


    I think you are mistaken.

    >Not sure how many other distros/platforms have this bug, but I would
    >suspect that more than a few do.


    The bug is that you removed the steering wheel on the car, without first
    pulling to the side of the road, and stopping. Things might not work as
    you expect when you do that. You really should spend some time reading
    about the system so that you can understand what you are doing. They lied
    to you when they told you even an untrained monkey on crack can use a
    computer. Yes, there's a lot to learn.

    Old guy

+ Reply to Thread