Where should this firewall script be placed?

wardialer · 02-12-2005, 12:38 AM

I did a 'su' before the whole thing, and after the ./firewall command, it gave me this:

Code:

[vin001@localhost vin001]$ su
Password:
[root@localhost vin001]# cd /home/vin001/Documents
[root@localhost Documents]# chmod +x firewall
[root@localhost Documents]# ./firewall
[root@localhost Documents]#

It gave me nothing this time. How come??? I am far from over this. Looks like Im going to be up for a long long time.

win32sux · 02-12-2005, 12:38 AM

Quote:

Originally posted by wardialer
What I mean do I have to an 'su' BEFORE the whole command you gave me or part of the command do I need to an 'su'????

i didn't give you ONE command... i gave you a series of commands... here you go again:

THE COMMANDS IN RED REQUIRE ROOT TO DO THEM:

Code:

cd /home/myusername/Documents

chmod +x firewall

./firewall

service iptables save

reboot

and yes, that means you need to "su" before the red commands...

win32sux · 02-12-2005, 12:40 AM

Quote:

Originally posted by wardialer
It gave me nothing this time. How come???

that's perfectly fine, it's not supposed to give you anything cuz there nothnig in the script that says to print anything to the screen... relax...

post the output of "iptables -L" right now before you do the "service iptables save" so we can see...

wardialer · 02-12-2005, 12:41 AM

Code:

[vin001@localhost vin001]$ su
Password:
[root@localhost vin001]# cd /home/vin001/Documents
[root@localhost Documents]# chmod +x firewall
[root@localhost Documents]# ./firewall
[root@localhost Documents]#

It gave me this when I did an 'su' before these commands what you posted. It did not give any output this time

win32sux · 02-12-2005, 12:42 AM

that's perfect... let's see the output of "iptables -L" now...

wardialer · 02-12-2005, 12:43 AM

Code:

root@localhost vin001]# cd /home/vin001/Documents
[root@localhost Documents]# chmod +x firewall
[root@localhost Documents]# ./firewall
[root@localhost Documents]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere           state INVALID
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@localhost Documents]#

Ok, then whats next????? ARE WE THERE YET?????

win32sux · 02-12-2005, 12:45 AM

EXCELLENT. now do the:

Code:

service iptables save

and make sure you remove your old iptables stuff from your rc.local file...

then reboot and do the "iptables -L" thing again...

wardialer · 02-12-2005, 12:47 AM

SHOULD I EXIT OUT WHERE I LEFT OFF IN THE KONSOLE OR DO THE SERVICE IPTABLES SAVE AND THE REBOOT COMMAND IN THE SAME KOSOLE AS WERE I LEFT OFF???

sHOULD i DO USE THE REBOOT COMMAND IN THE KOSOLE??? AND WHAT IS THE REBOOT COMMAND???

win32sux · 02-12-2005, 12:48 AM

Quote:

Originally posted by wardialer
WHAT IS THE REBOOT COMMAND???

GUESS.

wardialer · 02-12-2005, 12:49 AM

SHOULD I EXIT OUT WHERE I LEFT OFF IN THE KONSOLE OR DO THE SERVICE IPTABLES SAVE AND THE REBOOT COMMAND IN THE SAME KOSOLE AS WERE I LEFT OFF AFTER THE IPTABLES -L ???

sHOULD i DO USE THE REBOOT COMMAND IN THE KOSOLE??? AND WHAT IS THE REBOOT COMMAND???

UMMMMM...... shutdown -r ???? or shutdown -r now????

win32sux · 02-12-2005, 12:50 AM

Quote:

Originally posted by wardialer
UMMMMM...... shutdown -r ???? or shutdown -r now????

YES. whichever. you choose. hurry, i'm dying here.

"shutdown -r now" works fine...

wardialer · 02-12-2005, 12:51 AM

oK HOLD ON...

win32sux · 02-12-2005, 12:52 AM

Quote:

Originally posted by wardialer
SHOULD I EXIT OUT WHERE I LEFT OFF IN THE KONSOLE OR DO THE SERVICE IPTABLES SAVE AND THE REBOOT COMMAND IN THE SAME KOSOLE AS WERE I LEFT OFF AFTER THE IPTABLES -L ???

you don't need to exit anything, just stay in the same console and issue the command from there...

DID YOU CLEAR YOUR rc.local FILE???

win32sux · 02-12-2005, 01:00 AM

did you go on a smoke break or something??

wardialer · 02-12-2005, 01:01 AM

Code:

[vin001@localhost vin001]$ iptables -L
bash: iptables: command not found
[vin001@localhost vin001]$ su
Password:
[root@localhost vin001]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere           state INVALID
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@localhost vin001]#

Please tell me that is OK????

And before we go, I would like you to verify that this script of yours does Stateful Packet Inspection. I want a script that does exactly the same as a Linksys Router, and that is Stateful packet Inspection....

And will this stealth ALL my ports??? I hope that this is a powerful firewall script that you gave me. After all this trouble.