Mailing List Archive



Re: [tlug] Does Linux need, or have, a firewall?



Dave M G wrote:

>     My understanding of Linux was that it did not need a firewall as a 
> separate program, the same way that say, Windows uses ZoneAlarm or 
> similar firewall applications. This was because port blocking and other 
> firewall tasks were built into the way the OS operates.
> 
>     First question, is the preceding paragraph true?

Linux is very modular. Whether or not firewalling capabilities 
are done exclusively inside the kernel or are done by a mix of 
code inside and outside the kernel is usually not important for 
users. Perhaps what is important is that firewalling is included 
with most distros. 

>     I've been having trouble setting up ports to be "open", or mapped, 
> to certain P2P applications. 

Usually, one opens or "pokes" a hole in the firewall for an application, 
but the firewalling part does not map it to an _application_ 
(although it might map it to a different interface or port). 
It is up to the application to listen to the appropriate ports. 

Just what P2P application are you using? 

> With help from the Tokyo PC Users group, 
> I'm reasonably certain I've done all I can with my router (and its DHCP 
> server) to map certain ports to my machine. 

OK, so what did you do? 

> But they remain blocked, 

How do you know? 

Networking stuff is complicated, so if any 
one piece is not correct, the whole thing does not work, 
giving you very little information about where the problem is. 

What are the symptoms? 

> ... with Firestarter I attempted to map some ports to my 
> computer's IP address, 

What you say sounds weird. On the dedicated router/firewall/NAT box, 
I would expect to guide (map) packets for some port to your computer's 
IP address on the LAN, but within your computer behind the firewall, 
I would simply accept a packet for a particular port, but I would 
not do any further "mapping" to any more IP addresses. 

> ... I'm still not getting the throughput that I hoped for.

Firewalling is a rather yes/no thing. 
Either something is blocked or it is not blocked. 
If you are not getting the throughput that you hoped for, 
since you are messing with a P2P program, maybe the consequence 
of blocking incoming connections is that much of your traffic 
has to go through proxies, the extra step of which slows you 
down. How much throughput were you hoping for? 

>     Second question, am I barking up the wrong tree? If I want to map 
> ports on the OS side, is Firestarter the way to go? 

On the destination computer, I think of blocking or opening ports, 
but not of _mapping_ ports. 
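
One way to answer "How do you know?" for a single TCP port, as an added example that is not part of the original message: the hypothetical helper `probe_tcp` separates "an application is listening", "packets arrive but nothing is listening" and "packets are dropped or never forwarded". The loopback demonstration in `demo` is constructed; in practice the probe would be run from another machine against the address that should reach the application.

```python
import errno
import socket


def probe_tcp(host, port, timeout=2.0):
    """Classify one TCP port by how a connection attempt ends.

    "open"     - handshake completed: an application is listening and
                 nothing on the path blocked the packets.
    "closed"   - connection refused: packets reached the host, but no
                 application is listening there (a firewall rule that
                 rejects instead of dropping looks the same).
    "filtered" - no answer in time, or host/network unreachable:
                 consistent with a firewall dropping the packets or a
                 router that is not forwarding the port.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    finally:
        sock.close()


def demo():
    """Constructed loopback case: same host, with and without a listener."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # kernel picks a free port
    listener.listen(1)                # the "application" is listening
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle.bind(("127.0.0.1", 0))       # port reserved, but nobody listens
    try:
        with_app = probe_tcp("127.0.0.1", listener.getsockname()[1])
        without_app = probe_tcp("127.0.0.1", idle.getsockname()[1])
    finally:
        listener.close()
        idle.close()
    return with_app, without_app


if __name__ == "__main__":
    print(demo())
```

A "closed" result from outside means the router and firewall passed the packet and the application is the missing piece; "filtered" points back at the router mapping or the firewall.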


