Solved

Linux firewall

Posted on 2002-05-25
Last Modified: 2010-03-18
Hi
I am using Mandrake 8.2
I need to protect against attacks from the net
What is the best firewall for my case?
Is there some firewall that I can configure in X86 environment?

Thanks
Question by:maomorta

Accepted Solution

by:
ahoffmann earned 200 total points
ID: 7034659
use iptables as firewall
There exists a GUI for it too: FWBuilder, and some others
AFAIK admins who want to protect their site do not use GUIs, but really know what they configure ;-)

Author Comment

by:maomorta
ID: 7045725
Hi
The program has a good interface but I have a problem
When I try to execute the shell script I receive the following error:

./test.fw
+ '[' -x /usr/bin/logger ']'
+ logger -p info 'Activating firewall script compaq.ottolini.pt.fw generated Fri May 31 01:27:34 2002 WET by fmmr'
+ modprobe ip_conntrack
/lib/modules/2.4.18-6mdk/kernel/net/ipv4/netfilter/ip_conntrack.o.gz: init_module: Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
modprobe: insmod /lib/modules/2.4.18-6mdk/kernel/net/ipv4/netfilter/ip_conntrack.o.gz failed
modprobe: insmod ip_conntrack failed
+ exit 1

Do you know how to correct it?

Expert Comment

by:ahoffmann
ID: 7049738
I highly recommend building iptables into the kernel, and not using modules.
The error seems to be as it says: busy (invalid parameters, etc).

Expert Comment

by:Chungkuo
ID: 7059897
As root, list the modules you have currently loaded with lsmod. You should see something like this:

ipt_state                608   3  (autoclean)
ipt_MASQUERADE          1216   1  (autoclean)
ipt_LOG                 3104   7  (autoclean)
iptable_mangle          2144   0  (autoclean) (unused)
iptable_filter          1728   1  (autoclean)
iptable_nat            12756   1  [ipt_MASQUERADE]
ip_conntrack           12748   2  [ipt_state ipt_MASQUERADE iptable_nat]
ip_tables              10304   8  [ipt_state ipt_MASQUERADE ipt_LOG iptable_mangle iptable_filter iptable_nat]

These are the modules you need loaded for most iptables functions (if you want MAC filtering, you need to load ipt_mac as well).

Try loading the modules outside of the shell script using modprobe. Try:

modprobe ip_conntrack

and see what happens. Also try loading a couple of the other modules (like ip_tables and iptable_nat) and see if they load.
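
The lsmod check suggested above, written as a pre-flight step that can run before a generated firewall script (an added example, not part of the original thread). The function names are hypothetical, the sample listing is the one quoted in the comment, and the parsing assumes the 2.4-style lsmod columns shown there.

```shell
#!/bin/sh
# Pre-flight check for the netfilter modules a firewall script depends on.
# Parses 2.4-style lsmod output: name, size, use count, [dependents].

# Listing copied from the thread, used here as sample input.
SAMPLE_LSMOD='ipt_state                608   3  (autoclean)
ipt_MASQUERADE          1216   1  (autoclean)
ipt_LOG                 3104   7  (autoclean)
iptable_mangle          2144   0  (autoclean) (unused)
iptable_filter          1728   1  (autoclean)
iptable_nat            12756   1  [ipt_MASQUERADE]
ip_conntrack           12748   2  [ipt_state ipt_MASQUERADE iptable_nat]
ip_tables              10304   8  [ipt_state ipt_MASQUERADE ipt_LOG iptable_mangle iptable_filter iptable_nat]'

# missing_modules LISTING MODULE...
# Prints, one per line, every named module that is absent from LISTING.
missing_modules() {
    listing=$1; shift
    for m in "$@"; do
        printf '%s\n' "$listing" \
            | awk -v m="$m" '$1 == m { found = 1 } END { exit !found }' \
            || printf '%s\n' "$m"
    done
}

# dependents_of LISTING MODULE
# Prints the modules listed in brackets as users of MODULE (empty if none).
dependents_of() {
    printf '%s\n' "$1" | awk -v m="$2" '$1 == m {
        a = index($0, "["); b = index($0, "]")
        if (a && b > a) print substr($0, a + 1, b - a - 1)
    }'
}

# report LISTING
# Summarises whether the core modules are present and what holds ip_conntrack.
report() {
    miss=$(missing_modules "$1" ip_tables ip_conntrack iptable_filter iptable_nat)
    if [ -z "$miss" ]; then echo "all required modules present"
    else echo "not loaded:" $miss; fi
    echo "ip_conntrack is used by: $(dependents_of "$1" ip_conntrack)"
}

# On a real host, pass "$(lsmod)" instead of the sample.
report "$SAMPLE_LSMOD"
```

Running the check first matters because the generated script exits at the failed modprobe, before any filtering rules are installed.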