Hello: Setting up the Bastille firewall is turning into an adventure. Although I pretty much have it doing what I want, there are some nagging issues I am hoping somebody can assist me with.

1. Background info: Running LM8.0 on a Dell 4100 series PC using an 800 MHz PIII processor with 384 meg of RAM.

2. Most annoying: I keep losing my LAN connection to my win box. I will have everything running (meaning my LAN, the firewall, and my internet connection) pretty good. I will then walk away from the computer, and come back, say an hour later. When I return, I can no longer access the c drive in my win box. If I try, I get an "input/output" error. To get it back, I must shut down the firewall, unmount and remount the c drive and restart the firewall (by firewall I mean Bastille). FWIW, I don't lose my samba connection. I suspect the firewall, because if the firewall is down, and I leave for 2 hours or more, the network is just fine when I return. I have checked the bastille-firewall.cfg file and I don't see anything involving some kind of network time out variable. Could it be related to one of the icmp variables?

3. Not so annoying: The "kernel modules to masquerade" option in InteractiveBastille has the default setting of "ftp raudio vdolive". To the list I added irc. When I load bastille-firewall I get the error messages could not find ip_nat_raudio and ip_nat_vdolive. I searched in my system for both files (used the command "find / ip_nat_raudio* -print") and I could not find them. Any ideas where they might be? Either in my system or on some web page? I assume ip_nat_raudio is for realplayer. I have been able to do a workaround by dedicating a couple of ports to real player. Imho, it is not the best solution, but it should do until I am able to find the nat file for it. I have no idea what vdolive is. Again, if somebody can suggest where I might find it, I would appreciate it.

4. Not annoying but still: I use IRC and in order for the servers to identify my client, I must leave port 113 open. Is there a way where I can shut down the port after the server has identified my client? I had to install identd in my system for the i.d. process to work properly.

Thanks in advance....
Dexter
