Page: Protect your slice

Shorewall (Shorewall MAN pages) is an easy-to-deploy firewall for Linux; below are the steps to set it up on your server. Good references and further reading at this, this and this forum thread.

Install shorewall

apt-get install shorewall shorewall-common

change directory

cd /etc/shorewall

copy example files for one-interface for editing

sudo cp /usr/share/doc/shorewall-common/examples/one-interface/* .

edit rules file

nano rules

add below lines before end of file

ACCEPT net fw tcp 9315
ACCEPT net fw tcp 80

edit shorewall.conf file to make it start on boot

nano /etc/shorewall/shorewall.conf

change STARTUP_ENABLED to Yes so the line reads

STARTUP_ENABLED=Yes

Now edit file /etc/default/shorewall

Look for the “startup” parameter and change it from 0 to 1. The default of 0 is there to prevent startup with the default configuration.

Last, run a check on the configuration

shorewall check

You should see shorewall configuration verified at the end.

Last step, start shorewall

invoke-rc.d shorewall start

you should see

Starting "Shorewall firewall": done.
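
An added example (not from the original post): shorewall check validates syntax only, so on a server reached over SSH it is worth confirming, before the start step, that the rules file accepts the port your session uses. The function names are hypothetical; the sketch assumes OpenSSH's SSH_CONNECTION variable and numeric ports in the rules file, and it does not resolve macros or service names.

```shell
#!/bin/sh
# Added example: pre-start lockout check for a Shorewall rules file.

# rules_allow_tcp_port FILE PORT
# Returns 0 if FILE has an ACCEPT rule from zone "net" (or "all") to the
# firewall zone ("fw" or "$FW") that covers tcp PORT, else returns 1.
rules_allow_tcp_port() {
    awk -v want="$2" '
        { sub(/#.*/, "") }    # drop comments; awk re-splits the fields
        # Columns: ACTION SOURCE DEST PROTO DEST-PORT(S)
        $1 ~ /^ACCEPT/ && ($2 == "net" || $2 == "all") &&
        ($3 == "fw" || $3 == "$FW") && ($4 == "tcp" || $4 == "6") {
            if ($5 == "" || $5 == "-") found = 1    # no port column: all tcp
            n = split($5, ports, ",")               # comma-separated list
            for (i = 1; i <= n; i++) {
                m = split(ports[i], r, ":")         # low:high range
                lo = r[1] + 0
                hi = (m == 2 ? r[2] : r[1]) + 0
                if (want + 0 >= lo && want + 0 <= hi) found = 1
            }
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# ssh_server_port
# Prints the server-side port of the current SSH session.
# SSH_CONNECTION = "client_ip client_port server_ip server_port"
ssh_server_port() {
    set -- $SSH_CONNECTION
    [ $# -eq 4 ] && printf '%s\n' "$4"
}

# safe_to_start [FILE]
# Returns 1 when the rules file would not accept the current SSH port.
safe_to_start() {
    port=$(ssh_server_port) || { echo "not an SSH session, nothing to check"; return 0; }
    rules_allow_tcp_port "${1:-/etc/shorewall/rules}" "$port" && return 0
    echo "no ACCEPT net->fw rule for tcp $port (your SSH port)" >&2
    return 1
}
```

Source the file and run safe_to_start && invoke-rc.d shorewall start so the firewall only starts when the check passes.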

If you want to check logs they are saved at /var/log/shorewall-init.log

You could also output your configuration by iptables -L, I have yet to learn how to read it though.

A lot of people use nmap to scan ports to ensure security.

