maomorta
asked on
Linux firewall
Hi
I am using mandrake 8.2
I need to protect against atacks from the net
What is the best firewall for my case?
Is there some firewall that I can configure in X86 environment?
Thanks
I am using mandrake 8.2
I need to protect against atacks from the net
What is the best firewall for my case?
Is there some firewall that I can configure in X86 environment?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I highly recommend to build the iptables into the kernel, and not use modules.
The erro seems to be as it says: busy (invalid parameters, etc).
The erro seems to be as it says: busy (invalid parameters, etc).
As root, list the modules you have currently loaded with lsmod. You should see something like this:
ipt_state 608 3 (autoclean)
ipt_MASQUERADE 1216 1 (autoclean)
ipt_LOG 3104 7 (autoclean)
iptable_mangle 2144 0 (autoclean) (unused)
iptable_filter 1728 1 (autoclean)
iptable_nat 12756 1 [ipt_MASQUERADE]
ip_conntrack 12748 2 [ipt_state ipt_MASQUERADE iptable_nat]
ip_tables 10304 8 [ipt_state ipt_MASQUERADE ipt_LOG iptable_mangle iptable_filter iptable_nat]
These are the modules you need loaded for most iptables functions (if you want MAC filtering, you need to load ipt_mac as well).
Try loading the modules outside of the shell script using modprobe. Try:
modprobe ip_conntrack
and see what happens. Also try loading a couple of the other modules (like ip_tables and iptable_nat) and see if they load.
ipt_state 608 3 (autoclean)
ipt_MASQUERADE 1216 1 (autoclean)
ipt_LOG 3104 7 (autoclean)
iptable_mangle 2144 0 (autoclean) (unused)
iptable_filter 1728 1 (autoclean)
iptable_nat 12756 1 [ipt_MASQUERADE]
ip_conntrack 12748 2 [ipt_state ipt_MASQUERADE iptable_nat]
ip_tables 10304 8 [ipt_state ipt_MASQUERADE ipt_LOG iptable_mangle iptable_filter iptable_nat]
These are the modules you need loaded for most iptables functions (if you want MAC filtering, you need to load ipt_mac as well).
Try loading the modules outside of the shell script using modprobe. Try:
modprobe ip_conntrack
and see what happens. Also try loading a couple of the other modules (like ip_tables and iptable_nat) and see if they load.
ASKER
The program have a good interface but I have a problem
When I try to execute the shell script I receive the following error:
./test.fw
+ '[' -x /usr/bin/logger ']'
+ logger -p info 'Activating firewall script compaq.ottolini.pt.fw generated Fri May 31 01:27:34 2002 WET by fmmr'
+ modprobe ip_conntrack
/lib/modules/2.4.18-6mdk/k
Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
modprobe: insmod /lib/modules/2.4.18-6mdk/k
modprobe: insmod ip_conntrack failed
+ exit 1
Do you know how to correct it?