On Tuesday 01 Apr 2003 12:42 am, Pedro Alves wrote: > Hello all, > > I live in a student residence in Aachen in Germany. > > I have internet access in my room, the problem is that the firewall they've > installed is configured in a way that instead of blocking ports, everytime > someone uses a forbiden port, he gets automatically banned from using > internet! The first time it happened to me, I've learned that there's an > incompatibility between CUPS searching for network printers and the > firewall. They say it was port 511. So I've disabled CUPS service. A couple > of days later I get network again, but after a few hours running ok, BAMM! > no network again. This time it was port 541. > > The first time I was blocked, I was using Mandrake 9.0, and the second time > I had just installed 9.1 and disabled CUPS. I think I was trying to use > Kopete with ICQ plugin when I went down. > > - Is there anyway I can check which ports my PC trying to use whithout > being connected? I'm afraid to plug in the cable, because I don't know > which service may knock my connection down. - Does Mandrake Firewall block > outgoing ports, or just incoming connections? if the latest is true how can > I block outgoing ports?? > > Thanks in advance > Best Regards > Pedro Alves > Portugal
Yes the Mandrake firewall can block outgoing ports. Just go through the Mandrake firewall GUI to get the firewall started, and then edit the file /etc/shorewall/policy Change the line fw net ACCEPT to fw net DROP This will block ALL traffic from your computer to the Internet. (Restart shorewall and you will see) Now you must make some 'holes' in the firewall to allow the services you want. Edit the file /etc/shorewall/rules add lines like this :- ACCEPT fw net tcp http,https,ftp,25,pop3 ACCEPT fw net udp http,https,ftp,25,pop3 Define all the services your university permits either by their name or port number. You will find a list of service names/ports at /etc/services Then restart shorewall with service shorewall restart in a root terminal. Once you have set up the files by hand. Do NOT use the Mandrake Firewall GUI again. It will undo all your work :-( HTH derek -- ---------------------------------- www.jennings.homelinux.net
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
