[Shorewall-newbies] blocks everything except local keyboard

Tom Eastep teastep at shorewall.net
Thu Jan 22 13:45:33 PST 2004


On Thursday 22 January 2004 12:46 pm, Bo Forslund wrote:
> Hello!
>
> I have Mandrake 9.2 with kernel 2.6.1 and shorewall blocks everything
> except the local keyboard.
>
> I read the caution note and installed a stock rpm from shorewall.net. I
> have tried to follow the docs and have struggled with shorewall for
> about a week now.

Hmmm -- it takes most people minutes.

>
> I think Mandrake's initscripts interfere with shorewall.

No, they do not -- but you can disable the Mandrake iptables init script by:

	service iptables stop
	chkconfig --del iptables

> At boot 
> Mandrake's initscripts do something with iptables. Should I throw out
> Mandrake's iptables and install some other one?
>
> If I understand things right shorewall should do all handling of
> iptables, right?

Yes.

>
> The shorewall box got two ethernet cards and eth0 is using dhcp to
> Internet and the other card to a local net of a couple of boxes
> 192.168.0.1. I want this box to have a caching nameserver.
>

If you follow the instructions in the two-interface QuickStart Guide, then the 
*only* change you need to make to the Shorewall configuration (after 
overloading the initial /etc/shorewall files with those from the 
two-interface sample) is to add *two rules* for your caching nameserver:

ACCEPT	loc	fw	udp	53
ACCEPT	loc	fw	tcp	53

THAT'S ALL!!!

So if you are having problems, they likely aren't related to Shorewall.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net



