4MLinuxThis forum is for the discussion of 4MLinux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I received an email concerning an important security feature introduced in 4MLinux 18.0. A user is asking why his WiFi printer is no longer working after updating 4MLinux to its latest stable version. The short answer is: the 4MLinux firewall is blocking your printer's port. Open the /etc/firewall/config file:
Code:
# Accept all internal requests:
LOCALHOST=yes
# Accept external ping requests:
PINGS=yes
# Accept external traceroute requests:
TRACEROUTE=yes
# Allow outgoing traffic:
OUTGOING=yes
# Allow incoming traffic to the following ports:
PORTS="21 22 23 80 443 3306"
# Allow passive ftp connections:
PASSIVE=yes
# Blacklist IP addresses from the following list:
BLACKLIST=/etc/firewall/black.list
and add your printer's port to the PORTS list.
**** Why does your firewall start itself again and again.
4MLinux 18.0 introduces a new brute-force protection. The SSH server in 4MLinux makes use of a new script (run via cron daemon), which scans log files for failed login attempts. If found, the script (re)starts firewall (with modified settings) to prevent/stop brute-force attacks.
Check the /var/log/btmp.log file to find out who is trying to log in into the system.
Are you using fail2ban? No need to restart the firewall. Also, restarting the firewall can pose a minor risk where, during restart, an established connection can be created.
Are you using fail2ban? No need to restart the firewall. Also, restarting the firewall can pose a minor risk where, during restart, an established connection can be created.
No. There is no fail2ban in 4MLinux. All servers in 4MLinux (Apache, MySQL, OpenSSH, Postfix, vsftpd, polipo) are controlled by simple, highly customized scripts written by me (customized = much different from the ones you can find in any other distro).
My anti-brute-force script modifies iptables settings and starts or restarts firewall to apply these changes. This may be a surprise for an user to see the firewall running, when the /etc/server/autostart.conf file looks as follows:
Code:
# Choose the servers to start during the boot time:
FIREWALL=no
FTP=no
HTTP=no
PROXY=no
SMTPD=no
SSH=yes
TELNET=no
The user can see the firewall ignoring these default setting by starting itself again and again (each boot). I wrote this post to explain what is going on.
Can I have a link to your scripts? I'm curious to read them. Also, I highly encourage you to design your firewall rules so it doesn't require restarting the firewall to apply rules. Check out the firewall rules for my raspberry pi. No seriously .
https://github.com/samrocketman/home...iptables.rules. You can add and remove rules from the *_allow and *_deny chains without having to affect refreshing the firewall. I got the idea from RedHat's firewalld (which is just a wrapper for iptables like most distro firewalls).
Can I have a link to your scripts? I'm curious to read them. Also, I highly encourage you to design your firewall rules so it doesn't require restarting the firewall to apply rules. Check out the firewall rules for my raspberry pi. No seriously .
https://github.com/samrocketman/home...iptables.rules. You can add and remove rules from the *_allow and *_deny chains without having to affect refreshing the firewall. I got the idea from RedHat's firewalld (which is just a wrapper for iptables like most distro firewalls).
To see it in action (e.g. in Virtual Box [32-bit]) you can use 4MLinux or this little baby: https://sourceforge.net/projects/thesss/ (my LAMP server, which is below 70MB in size :-)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
.
