Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Alien Bob's Easy Firewall Generator
568 views
Skip to first unread message
Chick Tower
Jun 4, 2012, 11:22:14 PM6/4/12
to
I decided to try out this version of Easy Firewall Generator on a new
installation of Slackware 13.37 on a laptop. I un-tarred it, but I
don't see what to do with it. Is firewall.inc the firewall script I
just need to rename and put in /etc/rc.d? If so, what are all the other
files for, and when would I configure it? I tried running firewall.inc
at the command-line (php firewall.inc) and opening it in w3m (which just
displayed the script). Can someone tap me with a clue stick to get me
started? Thanks.
--
Chick Tower
For e-mail: aols2 DOT sent DOT towerboy AT xoxy DOT net
installation of Slackware 13.37 on a laptop. I un-tarred it, but I
don't see what to do with it. Is firewall.inc the firewall script I
just need to rename and put in /etc/rc.d? If so, what are all the other
files for, and when would I configure it? I tried running firewall.inc
at the command-line (php firewall.inc) and opening it in w3m (which just
displayed the script). Can someone tap me with a clue stick to get me
started? Thanks.
--
Chick Tower
For e-mail: aols2 DOT sent DOT towerboy AT xoxy DOT net
Kees Theunissen
Jun 5, 2012, 4:19:10 AM6/5/12
to
Chick Tower wrote:
> I decided to try out this version of Easy Firewall Generator on a new
> installation of Slackware 13.37 on a laptop. I un-tarred it, but I
> don't see what to do with it. Is firewall.inc the firewall script I
No, index.php is the (web based) script. It includes firewall.inc and
> I decided to try out this version of Easy Firewall Generator on a new
> installation of Slackware 13.37 on a laptop. I un-tarred it, but I
> don't see what to do with it. Is firewall.inc the firewall script I
form.inc.
> just need to rename and put in /etc/rc.d? If so, what are all the other
> files for, and when would I configure it? I tried running firewall.inc
> at the command-line (php firewall.inc) and opening it in w3m (which just
> displayed the script). Can someone tap me with a clue stick to get me
> started? Thanks.
To install this program, simply extract the contents to the desired
directory in your configured documents tree in your web server.
Regards,
Kees.
--
Kees Theunissen.
Chick Tower
Jun 5, 2012, 10:13:53 PM6/5/12
to
On 2012-06-05, Kees Theunissen <theu...@rijnh.nl> wrote:
> You might start reading the INSTALL file:
>
> To install this program, simply extract the contents to the desired
> directory in your configured documents tree in your web server.
Thanks, Kees. I did read that file, but somehow I missed the words "in
> You might start reading the INSTALL file:
>
> To install this program, simply extract the contents to the desired
> directory in your configured documents tree in your web server.
your web server." I'm not going to run a web server just to configure a
firewall script. I'll use the one on-line.
Joe Rosevear
Jun 10, 2012, 12:40:16 PM6/10/12
to
Chick Tower <c.t...@deadspam.com> wrote:
> I decided to try out this version of Easy Firewall Generator on a new
> installation of Slackware 13.37 on a laptop. I un-tarred it, but I
> don't see what to do with it. Is firewall.inc the firewall script I
> just need to rename and put in /etc/rc.d? If so, what are all the other
> files for, and when would I configure it? I tried running firewall.inc
> at the command-line (php firewall.inc) and opening it in w3m (which just
> displayed the script). Can someone tap me with a clue stick to get me
> started? Thanks.
Where's Bob?
> I decided to try out this version of Easy Firewall Generator on a new
> installation of Slackware 13.37 on a laptop. I un-tarred it, but I
> don't see what to do with it. Is firewall.inc the firewall script I
> just need to rename and put in /etc/rc.d? If so, what are all the other
> files for, and when would I configure it? I tried running firewall.inc
> at the command-line (php firewall.inc) and opening it in w3m (which just
> displayed the script). Can someone tap me with a clue stick to get me
> started? Thanks.
I'm guessing, but I think this is a web based tool. Furthermore, I
think it is already installed and ready to use at this location:
http://connie.slackware.com/~alien/efg/
To find the above I Googled
Alien bob's easy firewall generator
The tool seems to make a file that you save as rc.firewall. I don't
understand what you do with it, since I don't think I use such a file.
I have always made and used /etc/rc.d/rc.firewall-iptables.
(I put that together with files /etc/rc.d/rc.local and /etc/dhcpd.conf
in a box with two nics, and it makes a nice router--dhcp server and
gateway).
Ah. I Googled
what is rc.firewall
I found this
http://www.linuxquestions.org/questions/linux-security-4/iptables-firewall-vs-rc-firewall-150659/
Seems things are more complex than what I thought. The above explains
about a script (rc.firewall) that generates an rc.firewall-iptables
file. Maybe someone could step in and explain?
I hope this helps the OP. Seems I need some help too.
-Joe
--
http://JosephRosevear.com
http://RosevearSoftware.com
notbob
Jun 10, 2012, 1:26:41 PM6/10/12
to
On 2012-06-10, Joe Rosevear <Joe_Ro...@localhost.invalid> wrote:
> I hope this helps the OP. Seems I need some help too.
Although I appreciate all Alien Bob's efforts, I use Arno's firwall,
> I hope this helps the OP. Seems I need some help too.
instead. It's entirely script based, using Arno's config script to
config iptables. It's about as complete and secure as iptables can be
made. Arno seems to have figured out exactly what is good security
practices and what are pointless settings. If you want to customize
it, you simply edit Arno's script and run it again. The FW cuts off
ALL incoming connections and does stateful inspection of ALL outgoing
connections you may make. This is the default config. It's updated
constantly and now even has an automatic install script. Takes a bit
of reading to understand how to install it (README has a special
Slackware section), but once up and running it does all I've ever
wanted or needed in a packet filtering FW, securing against things
beyond my understanding. The only thing I've ever done after yrs of
using Arno's FW is open an ssh port. Make sure you harden ssh if you
choose to do this:
http://tinyurl.com/y9ybb7f
nb
--
vi --the heart of evil!
Support labeling GMOs
<http://www.labelgmos.org/>
Fritz Wuehler
Jun 11, 2012, 3:03:02 PM6/11/12
to
> Although I appreciate all Alien Bob's efforts, I use Arno's firwall,
+1 on both topics
I've been using Arno since way back on Slack. It's really good.
Chick Tower
Jun 12, 2012, 12:16:28 AM6/12/12
to
On 2012-06-10, notbob <not...@nothome.com> wrote:
> Although I appreciate all Alien Bob's efforts, I use Arno's firwall,
> instead.
I usually use Arno's firewall, too, but I thought I'd try something
> Although I appreciate all Alien Bob's efforts, I use Arno's firwall,
> instead.
different. I think I'll install Arno's again, though.
Edwin Johnson
Jun 12, 2012, 11:58:59 AM6/12/12
to
On 2012-06-12, Chick Tower <c.t...@deadspam.com> wrote:
> On 2012-06-10, notbob <not...@nothome.com> wrote:
> I usually use Arno's firewall, too, but I thought I'd try something
> different. I think I'll install Arno's again, though.
You might take a look at Jay's Firewall, if it is still available. I've been
> On 2012-06-10, notbob <not...@nothome.com> wrote:
> I usually use Arno's firewall, too, but I thought I'd try something
> different. I think I'll install Arno's again, though.
using it for many years and rather easy to configure and works well. Based
on replies I'm going to take a look at Arno's just to see what it is like.
...Edwin
____________________________________________________________
"Once you have flown, you will walk the earth with your eyes
turned skyward, for there you have been, there you long to
return."-da Vinci http://bellsouthpwp2.net/e/d/edwinljohnson
Groksplynk
Jun 17, 2012, 9:08:03 AM6/17/12
to
On Tue, 12 Jun 2012 04:16:28 +0000, Chick Tower - whined, cried and
carried on like an moronic 8 year old little girl and bashed out this crap
on its keyboard:
> On 2012-06-10, notbob <not...@nothome.com> wrote:
>> Although I appreciate all Alien Bob's efforts, I use Arno's firwall,
>> instead.
>
> I usually use Arno's firewall, too, but I thought I'd try something
> different. I think I'll install Arno's again, though.
Shorewall's a good one too and the mailing list is very active.
--
If Bill Gates had a nickle for every time Windows crashed...Oh, wait, he
does!
- from a slashdot.org post
carried on like an moronic 8 year old little girl and bashed out this crap
on its keyboard:
> On 2012-06-10, notbob <not...@nothome.com> wrote:
>> Although I appreciate all Alien Bob's efforts, I use Arno's firwall,
>> instead.
>
> I usually use Arno's firewall, too, but I thought I'd try something
> different. I think I'll install Arno's again, though.
--
If Bill Gates had a nickle for every time Windows crashed...Oh, wait, he
does!
- from a slashdot.org post
0 new messages