[Shorewall-newbies] blocks everything except local keyboard

Tom Eastep teastep at shorewall.net
Thu Jan 22 13:45:33 PST 2004

On Thursday 22 January 2004 12:46 pm, Bo Forslund wrote:
> Hello!
> I have Mandrake 9.2 with kernel 2.6.1 and shorewall blocks everything
> except the local keyboard.
> I read the caution note and installed a stock rpm from shorewall.net. I
> have tried to follow the docs and have struggled with shorewall for
> about a week now.

Hmmm -- it takes most people minutes.

> I think Mandrake's initscripts interfere with shorewall.

No, they do not -- but you can disable the Mandrake iptables init script by:

	service iptables stop
	chkconfig --delete iptables

> At boot
> Mandrake's initscripts do something with iptables. Should I throw out
> Mandrake's iptables and install some other one?
> If I understand things right shorewall should do all handling of
> iptables, right?


> The shorewall box has two ethernet cards and eth0 is using dhcp to
> Internet and the other card to a local net of a couple of boxes.
> I want this box to have a caching nameserver.

If you follow the instructions in the two-interface QuickStart Guide, then the 
*only* change you need to make to the Shorewall configuration (after 
overloading the initial /etc/shorewall files with those from the 
two-interface sample) is to add *two rules* for your caching nameserver:

ACCEPT	loc	fw	udp	53
ACCEPT	loc	fw	tcp	53


So if you are having problems, they likely aren't related to Shorewall.

