MANDRIVA - Setting up SHOREWALL

Last update on August 24, 2009 12:48 AM by aquarelle
Published by deri58

Linux, like any other OS, is no exception to the rule: it needs to be protected against attacks and intrusion, so equip your system with a firewall before connecting to the Internet. A good example of this kind of software is Shorewall (it can be configured directly through drakfirewall, run from a root console).


drakfirewall
: A small tool allowing you to set up a basic firewall on your system.
Shorewall is the default on the Mandriva distribution.

Getting started


Checking if service is enabled at startup


As you probably know by now, GNU/Linux services are called daemons. Below are the steps needed to set up your firewall.
  • Go to the Mandriva Linux Control Center (root password required)
  • In the System tab, select the "Enable or disable system services" option and search for the shorewall daemon.
  • It is crucial that this service is shown as active and is checked to run at startup.


The next step is to access the configuration panel of your firewall (to configure your settings):
  • Open a root user console and type in drakfirewall to access the Mandriva Linux Control Center
  • From there, go to the Security tab
  • Click on: Setting up a personal firewall to protect the computer,
  • Don't forget to uncheck the boxes that disable your firewall at startup.

Enter your preferences


After the steps above, you are presented with the options and features you may want to add to your firewall settings. These are discussed below:


The options to check:
  • Web Server: Important when hosting a website or a blog.
  • Domain name server: Check whether your system is allowed to associate a network machine name with an IP address.
  • SSH Server: Secure connection to another machine (remote access) is allowed.
  • FTP server: FTP transfers are not secured; your username and password can be easily retrieved.
  • POP and IMAP Server: In the case that your computer acts solely as a mail server.
  • Windows File Sharing: For when you have installed a Samba server that will be connected to Windows-based systems. If the machine is directly connected to the Web, it is better to disable this feature.
  • CUPS server: For print sharing on the local network, enable it. If the machine is directly connected to the Web, it is better to disable this feature.
  • Echo Request (ping): A ping simply checks whether a machine exists at the end of an IP address. If the response is positive, then check it.

Advanced Settings


Handling BitTorrent Transfer
Clicking the Advanced button (bottom of the window) lets you refine the settings.

You need to go there to add permissions (necessary to enable BitTorrent transfers).

E.g.
If you want to add TCP ports 6881 to 6889, simply enter 6881:6889/tcp. If you also want to add TCP port 8080, it becomes
6881:6889/tcp 8080/tcp. This entry consists of:
- 6881:6889 for ports 6881 to 6889
- /tcp or /udp, as the case may be, attached directly to the port number
- A space between two different ports.
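
A way to check a port list in this syntax before pasting it into the Advanced field, as an added example that is not part of drakfirewall or of the original tip; check_port_list and is_port are hypothetical helper names. It rejects entries without /tcp or /udp, out-of-range ports and reversed ranges, so that a typo does not end up as a firewall rule.

```shell
#!/bin/sh
# Validate a port list such as "6881:6889/tcp 8080/tcp" and print one
# normalized "proto first last" line per valid entry.
# Hypothetical helpers for illustration; not part of drakfirewall.

is_port() {
    # Accept only decimal integers in 1..65535.
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

check_port_list() {
    rc=0
    # Split on spaces with globbing off, so "*" in the input is never expanded.
    set -f; set -- $1; set +f
    for entry in "$@"; do
        case "$entry" in
            */tcp|*/udp) ;;
            *) echo "ERROR $entry: must end in /tcp or /udp" >&2; rc=1; continue ;;
        esac
        proto=${entry##*/}      # text after the last "/"
        ports=${entry%/*}       # text before the last "/"
        case "$ports" in
            *:*) first=${ports%%:*}; last=${ports#*:} ;;
            *)   first=$ports;       last=$ports ;;
        esac
        if ! is_port "$first" || ! is_port "$last"; then
            echo "ERROR $entry: port must be a number from 1 to 65535" >&2
            rc=1; continue
        fi
        if [ "$first" -gt "$last" ]; then
            echo "ERROR $entry: range start is above range end" >&2
            rc=1; continue
        fi
        echo "$proto $first $last"
    done
    return $rc
}

# Usage: check_port_list "6881:6889/tcp 8080/tcp"
```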

BitTorrent


BitTorrent is a protocol frequently used with Mandriva. Let's look at this tip:

- Allow TCP ports 6881 to 6889 through the Advanced button.
This gives 6881:6889/tcp
- Then, edit the file /etc/services as the root user.
E.g using profile: Username
Username/etc/services
- After a search of this file (Edit menu / Search), it was found that no permission is defined for BitTorrent ports 6881 to 6889.
- You can add the following lines:

BitTorrent	6881/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6882/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6883/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6884/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6885/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6886/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6887/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6888/tcp	BitTorrent	# BitTorrent transfers
BitTorrent	6889/tcp	BitTorrent	# BitTorrent transfers


Explanation:
  • The first BitTorrent defines the service name,
  • Each port gets a BitTorrent service entry, one after the other,
  • The second BitTorrent is an alias, to avoid getting lost in the procedure.
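
The search-then-add step above as a script, an added example rather than part of the original tip; missing_service_lines, sample_services and their arguments are hypothetical names, and the sample file content is constructed. It only prints the lines that are missing from the file so they can be reviewed before being appended as root; /etc/services only maps names to port numbers, and the ports themselves are opened by the firewall rule.

```shell
#!/bin/sh
# Print /etc/services-style lines for every port in FIRST..LAST/PROTO that
# has no entry yet in FILE. Nothing is written to FILE.
# Hypothetical helper names; the sample data below is constructed.

missing_service_lines() {
    file=$1; name=$2; first=$3; last=$4; proto=$5
    port=$first
    while [ "$port" -le "$last" ]; do
        # An existing entry is a non-comment line whose 2nd field is port/proto.
        if ! awk -v want="$port/$proto" '
                { sub(/#.*/, "") }        # strip comments before matching
                $2 == want { found = 1 }
                END { exit !found }' "$file"; then
            # Same layout as the lines in the tip: name, port/proto, alias, comment.
            printf '%s\t%s/%s\t%s\t# %s transfers\n' \
                "$name" "$port" "$proto" "$name" "$name"
        fi
        port=$((port + 1))
    done
}

# Constructed sample standing in for /etc/services: 6881/tcp is already
# declared, and 6882/tcp appears only in a commented-out line.
sample_services() {
    printf '%s\n' \
        'ssh             22/tcp                  # constructed sample line' \
        'http-alt        8080/tcp    webcache    # constructed sample line' \
        '#bt             6882/tcp                # commented out, ignored' \
        'bt-old          6881/tcp                # constructed existing entry'
}

# Usage (on a copy first):
#   missing_service_lines /etc/services BitTorrent 6881 6889 tcp
```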

Multiple firewalls


This type of trick is not worth trying: multiple firewalls = multiple conflicts = multiple problems.
  • No internet connection
  • System crashes or lag



So it is better to make a choice between Shorewall and its competitors.