[Shorewall-newbies] blocks everything except local keyboard
teastep at shorewall.net
Thu Jan 22 13:45:33 PST 2004
On Thursday 22 January 2004 12:46 pm, Bo Forslund wrote:
> I have Mandrake 9.2 with kernel 2.6.1 and shorewall blocks everything
> except the local keyboard.
> I read the coution note and installed a stock rpm from shorewall.net. I
> have tried to follow the docs and have struggled with shorewall for
> about a week now.
Hmmm -- it takes most people minutes.
> I think Mandrakes initscripts interfear with shorewall.
No, they do not -- but you can disable the Mandrake iptables init script by:
service iptables stop
chkconfig --delete iptables
> At boot
> Mandrakes initscripts does something with iptables. Should i throw out
> Mandrakes iptables and install some other one?
> If i understand things right shorewall should do all handlling of
> iptables, right?
> The shorewall box got two ethernet cards and eth0 is is using dhcp to
> Internet and the other card to a local net of a couple of boxes
> 192.168.0.1. I want this box to have a caching nameserver.
If you follow the instructions in the two-interface QuickStart Guide, then the
*only* change you need to make to the Shorewall configuration (after
overloading the initial /etc/shorewall files with those from the
two-interface sample) is to add *two rules* for your caching nameserver:
ACCEPT loc fw udp 53
ACCEPT loc fw tcp 53
So if you are having problem, they likely aren't related to Shorewall.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies