[slax]

Noted

[Digital_Resistance]

I meant 'any linux distro with firewall enabled' should show "stealth" even on dial-up as opposed to "closed".

Okay, thanks for clarifying.

Remembering that Shorewall is merely a script to configure the iptables around the options selected by the user.

I noticed that both iptables as well as ip6tables are listed as being "stopped" under "Services and daemons" in the Control Center-- despite my having installed Shorewall and activated the Firewall. (and all ports but 113 scanning as "stealth")

Does this make sense?

Gnome-PPP is indeed included, [in the GNOME Zen Mini edition]

Thank you.

Would anyone happen to know about the E-17 edition?

(It seems that the only other edition that comes with a dial-up GUI is the KDE version, which includes KPPP; A post made to the main PCLOS forum in April says the LXDE edition does not have one and I tried the Xfce edition in July and found no dial-up GUI in it either. It really would be nice if this info were to be listed somewhere. That way people with only dial-up could know whether a given edition or release has a dial-up GUI or not, before going to the trouble of purchasing a CD or bothering a friend with broadband.)

I think consideration should def be given to Firewall functionality "out of the box" in the next releases.

Especially considering how little space Shorewall, a 377k download, would take up on the ISO.

Noted

Appreciated. Thank you.

[Digital_Resistance]

I have finally tried PCLOS Gnome 2010.12 and was happy to see that Shorewall has indeed been added to the ISO, making it possible to activate the firewall "1-2-3" without downloading or updating anything. (as it already was in the KDE edition).

Thanks a lot devs!

[lightning slinger]

I noticed that both iptables as well as ip6tables are listed as being "stopped" under "Services and daemons" in the Control Center-- despite my having installed Shorewall and activated the Firewall. (and all ports but 113 scanning as "stealth")

Easiest way to 'stealth' the Authorization Port 113 is to 'comment out' (add #) to the line

Code: Select all

PARAM -  -  tcp 113

to become

Code: Select all

#PARAM -  -  tcp 113

in

Code: Select all

/usr/share/shorewall/macro.Auth

[JNibski]

...For stealthing #113 :

/usr/share/shorewall/macro.Auth

I have the same scenario in LXDE but it won't let me "overwrite" it....

JN.

[lightning slinger]

...For stealthing #113 :

/usr/share/shorewall/macro.Auth

I have the same scenario in LXDE but it won't let me "overwrite" it....

JN.

It should do so in root, at least it does so in Gnome!

There is the other way to stealth #113

add the following line

Code: Select all

DROP net fw tcp 113

in

Code: Select all

/etc/shorewall/rules

EDIT: For those who don't know don't forget to reboot in both cases for this to become effective!

[JNibski]

Thanks LS ! The KEY was to do it in/as "ROOT"....

I have encountered clients with this #113 issue more than once, and now I have Answers...

Thank you for the tips and rapid reply!

JN

[lightning slinger]

... The KEY was to do it in/as "ROOT"....

JN

Sorry for confusing you, I had thought you would have known to edit shorewall you would need to be root!!

[JNibski]

....Yes, normally, yes.....this is why i brought it to light....
Sometimes with various distros - certain methodologies might not work...
Sometimes a LINUX command needs something else...
You have given 2 methods here that seem to be the ticket, and it is appreciated by us "novice" senior folk.

In LXDE= one can do this by goin to : >MENU>FILETOOLS>FileMGRsuperuser>PCmanFM....etc...

JN.

[lightning slinger]

"novice" senior folk.

Hi!! I'm in that category too!!!

[don_crissti]

In LXDE= one can do this by goin to : >MENU>FILETOOLS>FileMGRsuperuser>PCmanFM....etc...

superuser means root
Gnome has a right-click menu entry: "open as admin"

[sarcastic_bastard]

If you can't do something as user, it's usually a hint you need to be root.