If You don't have a network !!
What you have to do:
1. select ippp0 (isdn card) or ppp0 (52k modem)
2. ppp0 or ippp0 must started-up before pmfirewall takes
effect !!!
3. so select :
I tryed PMfirewall on the following machine:
-networkcard : none
-internet connection: via ISDN card
-POP to retrieve from ISP (no IMAP)
Purposes:
Want to close all ports to the outside.
Installation:
On the untared pmfirewall dir ~/pmfirewall-1.1.4
Type: sh install.sh
The install proc.: (questions (summerized) - responses.)
*dir to install: /usr/pmfirewall #(or where you
want)
*network : ippp0 (or ppp0)
*unrestricted access ? Y
IP range: 127.0.0.1/255.255.255.0
add others ? N
*IP ragnges to block completely ? N
*IP address assigned via DHCP ? N
*Running FTP ports 220/21 ? N
* " SSH 22 ? N
* " Telnet server 23 ? N
* " SMTP server 25 ? N
* " DNS server 53 ? N
* " Finger server 79 ? N
* " Web server 80 ? N
* " POP server 110 ? Y
IP address 127.0.0.1/255.255.255.0
*Allow IDENT 113 ? N
*Running NNTP server 119 ? N
*If using NTP 123 ? N
*Open NetBIOS/Samba 137-139 ? N
*Running IMAP server 143 ? N
* " SSL web server 443 ? N
* " routed (RIP) 520 ? N
*Open NFS 2049 ? N
*X server 5999-6003 ? N
*Other ports to open ? N
*Start on boot-up ? N
*Autodetect IP address ? Y
*Masquerade for other PC's ? N
*Start pmfirewall when succ PPP connection ? Y
-------------------------------------------
Now copy the pmfirewall-script added in /etc/ppp/if-up.local
to /etc/if-up (takes no effect on if-up.local)
Same on if-down from if-down.local.
Start your connection.
If pmfirewall didn't started,start pmfirewall:
cd /usr/pmfirewall ( or rhe dir you installed pmfirewall)
sh pmfirewall start
If there are no error messages you'r ok !
-------------------------------------------
Results:
>From http://grc.com --> STEALTH --> PORTPROBE
Port Service Status
---- ------- ------
21 FTP stealth
23 Telnet "
25 SMTP "
79 Finger "
80 HTTP "
110 POP3 "
113 IDENT "
139 NetBIOS "
143 IMAP "
443 HTTPS "
-------------------------------------------
Hope this help.
Eric MC
Paul wrote:
>
> On Mon, 7 Aug 2000, Ronald J. Hall wrote:
>
> >Okay, I've been playing around with PMfirewall for a bit now. I did grab
> >the ipchains (not ip_chains!!!) RPM and install it, so ipchains is in
> >/sbin. I did a sh install.sh from the pmfirewall-1.1.4 folder, and the
> >script starts. It does find ipchains now. I have a few questions about
> >the questions it asks during the installation. What exactly am I
> >supposed to put for the external interface? I tried ppp0,
> >eth0, even modem (yes, I was desperate!).
>
> Depends a lot on how you connect to the net. I use ISDN, so my interface
> is IPPP0. When you use a modem and PPP dial-up, it should be PPP0
>
> >Any hints/clues/suggestions for a firewall user wannabe? I did read the
> >docs and man page with pmfirewall, as well as the ipchains HOWTO,
> >but I still couldn't any docs that walk you through the installation
> >script. (or did I just miss it somewhere?)
>
> As Steve said, there is a separate mailing list for PMFirewall. Maybe it
> is a good thing to go there and ask. I am not a firewall specialist, just
> found this program to be very very useful and easy.
>
> >Thanks in advance! ;-)
> >
> >PS Oh, 1 more thing. Pmfirewall is listed as starting when I bootup, and
> >I've got it set to start when ppp is successful. Is this the correct way
> >to start it?
>
> Hmmm, I think it should hook itself to /etc/ppp/ip-up instead of the boot
> sequence, but since I always load it at boot, I am not sure...
>
> Paul
>
> --
> God must love crazy people:
> he made SO MANY of them!
>
> )0( [[EMAIL PROTECTED]] )0(
> http://nlpagan.net - ICQ 147208
> Registered Linux User 174403
> -=PINE 4.21+Linux Mandrake 7.1=-
