Dennis Myers wrote:
>
> Mark Weaver wrote:
>
> > yes, and yes.
> >
> > here is a link to a site where you can download a very configurable
> > firewall great for beginners.
> >
> > http://www.pmfirewall.com/PMFirewall/
> >
> > --
> > Mark
> >
> > I love my Linux Box....!
> > REASON #1 -- ...it's not Windows!
> > Registered Linux user #1299563
> >
> > On Fri, 23 Jun 2000, Vic wrote:
> >
> > >Is any firewall just for blocking ports or can it also
> > >protect the needed open ones like ftp 21 www 80 and so forth?
> > >
>
> I tried the mentioned firewall and once again I am feeling stupid. I
> loaded it and immediately could not get Netscape to load . It would
> stall with only the stop sign and the frame showing. I then
> uninstalled and got my Netscape and mail back. I must have set a
> closed port or deny in the wrong place. Again the documentation is
> not set up for virtual dummies, but only for people who have alot of
> experience either with Linux or as programmers etc. Anybody know
> what a good set of setings would be and still allow Netscape access.
> I keep looking for books and online documentation. Nobody writes
> Linux for Idiots, you have to be at least a dummy. "Life is good,
> just don't weaken" Dennis
>
> Registered Linux User # 180842
Dennis,
Don't feel too badly about it. It took me a few trys before I got the
thing working for me. It helps of you leave port 23 (SMPT) open and port
80 (HTTP) that will allow you to access your mail server and the
internet.
Set everything else to be closed and deny all connections.
The ranges you want to deny connections to are this:
these ranges are given as pairs...IP/SUBNETMASK
Set the ranges as such ----> 1.2.3.0/255.255.255.0
For the range that is yourself so you can access your mail server and
the internet your range us this: 127.0.0.1/255.255.255.0
Most likely your ISP assigns you a "dynamic" IP number each time you log
on. That's ok. Don't worry about trying to set that. You will be asked
about this. I believe the question asks something about DHCP assigning
an IP address. Answer "y" to this one.
Keep working at cause this is one nice little firewall. My Linux box,
after being tested by the Shields Up web site was shown to be running in
Full on stealth mode. I'm totally cloaked and can't be seen on the
internet. The packets come in and disappear into a "Blackhole!" Never to
be seen or heard from again. I LOVE IT.
Here's the URL for that site if you want to test your system.
https://grc.com/x/ne.dll?bh0bkyd2
Good luck and press on forward!
