shorewall-firewall problems

Post by scanray » Feb 25th, '14, 02:32

Hi,

I have a computer configured as a firewall.
The computer has 3 NICs: net, loc, dmz.
In dmz I have 5 servers running. I have had this system configuration for over 7 years. I have used this setup with Mandriva (cannot remember which version) and then Mageia 2 and 3.

The method I've always used is to disable the firewall (I select everything in drakfirewall). Then I created my own script with the rules. This has worked well for me using iptables rules and shorewall, up to version 3 of Mageia.

Now with mga4 it does not work. A lot has definitely changed in the firewall and it seems that there is a conflict between drakfirewall and shorewall. Different files were always used for configuration.
Every time I make a change in my file drakfirewall shorewall rules is deleted. This did not happen before.
If I turn off the firewall and run shorewall with my own rules, it does not recognize the ports I open, nor the dnat. I do not use common ports for the web. They are development servers.
When I try to use drakfirewall, I cannot configure dnat. If I open ssh communication, drakfirewall assigns port 22. I changed this port to xxxx in the macro.SSH file.

Definitely, drakfirewall does not read shorewall files, but if I deactivate drakfirewall, I cannot use shorewall. I do not know why.

What is the solution to use 3 nics?
How to manually configure the ports to be used in drakfirewall?
How do I disable the internal firewall and only use shorewall? (I prefer this)

thanks
scanray
 
Posts: 32
Joined: Feb 5th, '14, 08:53

Re: shorewall-firewall problems

Post by doktor5000 » Feb 25th, '14, 02:52

Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
doktor5000
 
Posts: 18052
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: shorewall-firewall problems

Post by scanray » Mar 5th, '14, 04:39

Sorry for the delay.
It is almost solved.
I followed the steps in the links you sent me.
It is strange that some of the ports I have configured work. Others do not work.
I've checked in /etc/services and they are not blocked.

Thanks for the help, I keep looking for errors. Maybe some upgrade fixed it.

Re: shorewall-firewall problems

Post by doktor5000 » Mar 7th, '14, 21:42

scanray wrote: I've checked in /etc/services and they are not blocked.

What do you mean by blocked in /etc/services?

Re: shorewall-firewall problems

Post by scanray » Mar 8th, '14, 06:30

Sorry, I wanted to say they were not reserved for some special application.