firewall-script doesn't start
Howdy!
I just installed the Suse-firewall-package from German 6.3 on my PC. Unfortunately it doesn't start during boot, although I set the START_FW in /etc/rc.config to YES. A look in my /etc/rc.d/rc2.d and /etc/rc.d/rc3.d directories revealed that there are K??firewall links to ../firewall but none with S??firewall.
From where is the script usually started? Or should there be S?? scripts for the fw and my installation just went wrong?
One more question: It is usually recommended to build a monolithic kernel for a firewall, which I did. Booting with this, I get a logfile entry: "No module symbols loaded - kernel modules not enabled", when I try to start the firewall manually. Does the SuSE-fw need a modular kernel?
Greetings,
Kai
Grab this file from the rpmfind.net site:
http://rpmfind.net/linux/RPM/suse/6.3/axp/suse/sec1/firewals-1.4-8.noarch.html
This will correct the file links to start the firewal program. I had the same problem myself. Yes, you may want to rebuild your kernel to load the appropriate modules, unless you want to modify the firewall script in init.d. Once you've downloaded the file you'll need to modify the /etc/rc.firewall configuration file to your taste. The rpm file is listed for the axp platform, but disregard that; due to the noarch designation, it will install on any platform.
btw: there is a more updated version of firewal.rpm on the SuSE ftp site under /6.3/updates. For some reason (I have yet to fire off a post to SuSE) the program seems to open ports that were not available when using the firewal-1.4.8 program. I always audit my network with nmap. Until I can find out why those ports have become visible I cannot recommend the latest version.
Cheers,
John
----- Original Message -----
From: <kai.krebber@syseca.de>
To: <suse-security@suse.com>
Sent: Monday, March 20, 2000 1:47 AM
Subject: [suse-security] firewall-script doesn't start
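A check for the symptom described in this exchange (K??firewall links present, no S??firewall links), added here as an example and not taken from the thread or from the SuSE package. The function names and the K20 sequence number in the demo tree are assumptions; the directory layout follows the post.

```shell
#!/bin/sh
# Added example: count SysV start (S??) and kill (K??) links per runlevel.

# rc_links RC_ROOT SERVICE
# Prints "<runlevel dir> start=<n> kill=<n>" and appends KILL-ONLY when a
# runlevel would stop the service but never start it.
rc_links() {
    rc_root=$1
    svc=$2
    for dir in "$rc_root"/rc[0-6S].d; do
        [ -d "$dir" ] || continue
        s=0
        k=0
        for link in "$dir"/[SK][0-9][0-9]"$svc"; do
            # An unmatched glob stays literal; skip it (but keep dangling links).
            if [ ! -e "$link" ] && [ ! -L "$link" ]; then continue; fi
            case ${link##*/} in
                S*) s=$((s + 1)) ;;
                K*) k=$((k + 1)) ;;
            esac
        done
        flag=""
        if [ "$s" -eq 0 ] && [ "$k" -gt 0 ]; then flag=" KILL-ONLY"; fi
        echo "${dir##*/} start=$s kill=$k$flag"
    done
}

# kill_only_runlevels RC_ROOT SERVICE: just the affected runlevel directories.
kill_only_runlevels() {
    rc_links "$1" "$2" | awk '/KILL-ONLY$/ { print $1 }'
}

# Constructed tree reproducing the state described in the post:
# K??firewall links in rc2.d and rc3.d, no S??firewall anywhere.
# The sequence number 20 is made up for the demo.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/rc2.d" "$demo_root/rc3.d"
: > "$demo_root/firewall"
ln -s ../firewall "$demo_root/rc2.d/K20firewall"
ln -s ../firewall "$demo_root/rc3.d/K20firewall"
rc_links "$demo_root" firewall
rm -rf "$demo_root"
```

On an installed system the same check would be `rc_links /etc/rc.d firewall`; any runlevel marked KILL-ONLY will never bring the packet filter up at boot.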
John Scroggins wrote:
btw: there is a more updated version of firewal.rpm on the SuSE ftp site under /6.3/updates. For some reason (I have yet to fire off a post to SuSE) the program seems to open ports that were not available when using the firewal-1.4.8 program. I always audit my network with nmap. Until I can find out why those ports have become visible I cannot recommend the latest version.
Some time ago I noticed this behavior with even nmap 2.3 BETA 13. It's not dependent upon SuSE's firewall script, it's dependent upon the presence of blocking firewall rules. You can test that by running
nmap -O -s[S|T|U|...] -p 1-65535 target
once while your firewalling rules are not active and once while they're active. Depending on your rules someone might think that you're running a Lexmark printer :-).
Regards,
Fred Mobach
fred at mobach.nl
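The rules-off versus rules-on comparison suggested above, as an added example that is not part of the original thread. It assumes each scan of your own host was saved in the grepable format (-oG) of current nmap releases, one host per file; the function names, file names and sample lines are constructed.

```shell
#!/bin/sh
# Added example: compare per-port states between two nmap -oG result files.

# port_states FILE: print "port/proto state" for every listed port.
port_states() {
    awk -F'\t' '/^Host:/ {
        for (i = 1; i <= NF; i++) {
            if ($i !~ /^Ports: /) continue
            list = $i
            sub(/^Ports: /, "", list)
            n = split(list, entry, /, */)
            for (j = 1; j <= n; j++) {
                split(entry[j], f, "/")      # port/state/proto/owner/service/...
                print f[1] "/" f[3], f[2]
            }
        }
    }' "$1" | LC_ALL=C sort -k1,1
}

# state_changes BEFORE AFTER: ports whose state differs; a port that one scan
# does not list individually is reported as "absent".
state_changes() {
    before=$(mktemp)
    after=$(mktemp)
    port_states "$1" > "$before"
    port_states "$2" > "$after"
    LC_ALL=C join -a1 -a2 -e absent -o 0,1.2,2.2 "$before" "$after" |
        awk '$2 != $3 { print $1, $2, "->", $3 }'
    rm -f "$before" "$after"
}

# Constructed sample results (not real scan data) for a documentation address.
demo_dir=$(mktemp -d)
printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///\tIgnored State: closed (65534)\n' \
    > "$demo_dir/rules-off.gnmap"
printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 111/filtered/tcp//rpcbind///, 515/filtered/tcp//printer///\tIgnored State: closed (65532)\n' \
    > "$demo_dir/rules-on.gnmap"
state_changes "$demo_dir/rules-off.gnmap" "$demo_dir/rules-on.gnmap"
rm -rf "$demo_dir"
```

In the constructed data the two ports that appear only in the rules-on scan are reported as filtered, not open, which is the distinction to check before concluding that a rule set has exposed a service.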
Thanks Fred,
Cheers
John
----- Original Message -----
From: "Fred Mobach" <fred@mobach.nl>
To: "John Scroggins" <dataefx@earthlink.net>; "SuSE Security" <suse-security@suse.com>
Sent: Tuesday, March 21, 2000 12:46 AM
Subject: Re: [suse-security] firewall-script doesn't start