Re: Firewall setting

["A.Sajjad Zaidi" <sajjad@example.com>]

You might also want to try 'gfcc'.

This little tool allows you to import the firewall rules from your system and
edit them pretty easily (requires gtk). Havent tried it with redhat 7.1 or
iptables, but looks quite promising.

Heres the url:

http://icarus.autostock.co.kr/


A.Sajjad Zaidi



legend wrote:

> First of all, let me say thank you, Mr. Byrne and Mr. Stone,
> for your prompt replies with very helpful information.
>
> > During the install, Red Hat 7.1 gives you a choice
> > of no firewalling, medium security firewalling, or
> > maximum security firewalling.
> Yes, I remember this very well. I thought it was a
> good thing for users, that RedHat is giving an option
> to have firewall by default (for obvious reasons).
>
> I remeber putting a medium security level, but never
> bothered to customize the specific ports at installation
> time cuz I thought I could change it later. And I guess
> the problem was that I had no idea how I was supposed
> to customize it later...  (^^;;
>
> > You can find your current rules in /etc/sysconfig/ipchains.
> > You can find an ipchains howto in /usr/share/doc/ipchains-1.3.10.
> > There is also a GUI config tool called firewall-config
> Yes, I checked it and found out that all the ports between
> 0 and 1024 were blocked for incoming accesses.
> To be sure, I changed the default port of apache from
> 80 to 7000, and voir la, it works! I could access the
> apache server from other computers.
>
> So now I knew for sure that the firewall config was
> the cause (or more like my ignorance). I actually
> downloaded rpm for firewall-config to configure the
> firewall setting, but I guess it was not intuitive enough
> for me to use. First of all, the previous settings don't
> show up in the interface just as you wrote:
> > noted is that if I run it, it does not seem to load my
> > existing /etc/sysconfig/ipchains file, yet the help from
> I was hoping that I could just modify whatever was in
> /etc/sysconfig/ipchains to fix the problem.
>
> Anyways, soon enough I realized that
> /etc/sysconfig/ipchains was originally configured with
> /usr/sbin/lokkit (the first line of ipchains says that the
> file was written by lokkit). So I used lokkit to change
> the setting. It's exactly the same interface as the one
> you encounter in the installation process. Very easy
> to handle. I just chose the ports that I wanted to be
> accessible (ssh, web server, ftp).. and it's all done.
>
> Again, thanks a lot. I needed to demo some network-
> related program tomorrow, and I was gonna use my
> laptop to do that... (no use if it wasn't accessible from
> other computers, right?)
>
> > Before I get answer, please start a new thread when
> > changing topics, don't just change the subject.  For
> > those with email clients that do threading, it creates
> > an ugly mess if you don't.
> And I'm sorry about messing up the thread. When I
> hit reply, it showed tlug@example.com at TO: field,
> so I assumed it would create a new thread if I just
> changed the subject of the e-mail. My bad, I'll be
> careful next time.
>
> -mune
>
> P.S.   Do you mind if I forward your replies to other
> people who have similar problems? I've actually posted
> my question to my school's Linux user group. And I
> haven't got really useful info. Someone also replied to
> me saying that he has exactly the same problem.
>
> #    I just setup a 7.1 system and I have the same problem.  I can access
> the
> # box from itself  i.e. ssh me works fine but from any other system it's no
> # go.  I've checked daemons, hosts.allow, hosts.deny, xinetd, emailed
> redhat,
> # and asked around but have no answer yet.  Please let me know if you solve
> # this.  I solved it by re-installing 7.0.
> #
> # Todd
>
> -----------------------------------------------------------------------
> Next Technical Meeting:  Sat, May 12 13:30-
> Next Nomikai Meeting:    Fri, June (TBA) 19:30- Tengu Tokyo Eki Mae
> -----------------------------------------------------------------------
> more info: http://www.tlug.gr.jp           Sponsor: Global Online Japan