Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 11 Dec 2017, 11:18
All times are UTC - 4
 Forum index » Advanced Topics » Hardware » Networking
Peasy Firewall Monitor
Post new topic   Reply to topic View previous topic :: View next topic
Page 3 of 6 [84 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Author Message
keniv

Joined: 06 Oct 2009
Posts: 463
Location: Scotland

PostPosted: Mon 20 Feb 2017, 19:01    Post subject:  

rcrsn51 wrote:
Quote:
I don't understand how you are getting from the second window back to the first window - there is no path to do that unless you re-run the program.

Please answer.


I have just removed v1.5 and replaced it with v1.6. V1.6 is working perfectly in wary. Thank you for that. I'm sorry but I can't exactly remember how I got from image2 to 3. I got from 1 to 2 by clicking OK or Cancel on the corrupted window. I clicked on the button in 2 to bring up the tray icon and clicked OK.This is the point where I'm not sure what I did next. I did however click on the icon a couple of times. I also re-ran the firewall from the window. I also looked in /root/startup to make sure there was something relvant in there. I also rebooted the machine to check the firewall started. I also ran iptables -L -n in a terminal to make sure the firewall was running.
I hope, from the above, you can work out from this how I got to image3.

Regards,

Ken.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 11736
Location: Stratford, Ontario

PostPosted: Mon 20 Feb 2017, 19:12    Post subject:  

Thanks. I have added a post-install script to the PET that removes any existing firewall. That will make PFM build a new basic firewall on the first run.
Back to top
View user's profile Send private message 
keniv

Joined: 06 Oct 2009
Posts: 463
Location: Scotland

PostPosted: Mon 20 Feb 2017, 19:23    Post subject:  

I think thats a good idea. I did not think to shut off the firewall before I installed v1.5. I'm wondering if I should install v1.6 in 412 lite and 410 smp. v1.5 works with these two. I'd appreciate your advice.

Ken.b
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 11736
Location: Stratford, Ontario

PostPosted: Mon 20 Feb 2017, 19:28    Post subject:  

That's up to you. The major changes in v1.6 are with detection of open ports and building the firewall for trusted networks.
Back to top
View user's profile Send private message 
greengeek


Joined: 20 Jul 2010
Posts: 4739
Location: Republic of Novo Zelande

PostPosted: Tue 21 Feb 2017, 02:43    Post subject:  

keniv wrote:
I also ran iptables -L -n in a terminal to make sure the firewall was running..
I am interested to know what information this command offers. Does my output ring any alarm bells with you? -

Code:
# iptables -L -n
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state NEW
TRUSTED    all  --  0.0.0.0/0            0.0.0.0/0            state NEW

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       icmp --  0.0.0.0/0            0.0.0.0/0            state INVALID

Chain TRUSTED (1 references)
target     prot opt source               destination         
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0            icmptype 8
DROP       icmp --  0.0.0.0/0            0.0.0.0/0           
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
#
Back to top
View user's profile Send private message 
keniv

Joined: 06 Oct 2009
Posts: 463
Location: Scotland

PostPosted: Tue 21 Feb 2017, 05:53    Post subject:  

@greengeek
Your output from iptables -L -n is very like mine. I can't check just now as I don't have access to my old laptop and am replying on a phone.
I'm no expert on this stuff. I asked on another thead how I could tell if the firewall was running. This was what was suggested. I think it displays your set of rules. I think if the firewall is not running they would not be displayed.

@rcrsn51
I think I'll stick with v1.5 for 412 lite and 410 as their not on a local network .

Ken.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 11736
Location: Stratford, Ontario

PostPosted: Tue 21 Feb 2017, 12:07    Post subject:  

Version 1.7 is posted above. It has a single-window user interface.
Back to top
View user's profile Send private message 
keniv

Joined: 06 Oct 2009
Posts: 463
Location: Scotland

PostPosted: Tue 21 Feb 2017, 13:13    Post subject:  

Now using v1.7 in all four pups. Working in all of them.

Ken.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 11736
Location: Stratford, Ontario

PostPosted: Tue 21 Feb 2017, 13:16    Post subject:  

Excellent. Thanks for testing.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 11736
Location: Stratford, Ontario

PostPosted: Tue 21 Feb 2017, 16:23    Post subject:  

Version 1.8 posted above.
Back to top
View user's profile Send private message 
slavvo67

Joined: 12 Oct 2012
Posts: 1434
Location: The other Mr. 305

PostPosted: Tue 21 Feb 2017, 19:24    Post subject:  

Installed in Quirky Xerus64 (actually RU Xerus but interchangeable from my standpoint). Seems to work except for the install tray applet.
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 11736
Location: Stratford, Ontario

PostPosted: Tue 21 Feb 2017, 19:32    Post subject:  

slavvo67 wrote:
Installed in Quirky Xerus64 (actually RU Xerus but interchangeable from my standpoint). Seems to work except for the install tray applet.

The tray applet is a 32bit binary, so you need a 64bit version. Attached below, but I don't know if it will be compatible. Please report.

[Edit] This version is also compatible with Fatdog.

Quote:
Seems to work

That's the thing about firewalls. The only true test is to run from a second machine and probe the first machine with a tool like PeasyPort.

---------------------------
peasyfwmon_64bit-2.1.pet
Description  Updated 2017-07-25
Recognizes multiple networks
pet

 Download 
Filename  peasyfwmon_64bit-2.1.pet 
Filesize  23.91 KB 
Downloaded  35 Time(s) 
peasyfwmon_2state_tray_64bit-1.0.pet
Description 
pet

 Download 
Filename  peasyfwmon_2state_tray_64bit-1.0.pet 
Filesize  5.24 KB 
Downloaded  61 Time(s) 

Last edited by rcrsn51 on Tue 25 Jul 2017, 14:19; edited 14 times in total
Back to top
View user's profile Send private message 
slavvo67

Joined: 12 Oct 2012
Posts: 1434
Location: The other Mr. 305

PostPosted: Tue 21 Feb 2017, 20:19    Post subject:  

The tray applet seems to be working --- Thank you! Thank you for the Peasyport tip. I'll have to test a little....

I have a suggestion but I'm not sure if it's practical or how difficult to accomplish. It would be nice to have a box that says Open Port [ _ _ ] to simplify opening a specific port #. Then, you would probably need a close port X or close all ports. Just a thought but it's nice, either way!
Back to top
View user's profile Send private message 
rcrsn51


Joined: 05 Sep 2006
Posts: 11736
Location: Stratford, Ontario

PostPosted: Tue 21 Feb 2017, 20:28    Post subject:  

slavvo67 wrote:
The tray applet seems to be working

Ummm... Either it's working or it's not.
Quote:
It would be nice to have a box that says Open Port

If you want to open individual ports, you can run the full Linux Firewall app, assuming it's installed. But what is the practical value of doing that?
Back to top
View user's profile Send private message 
slavvo67

Joined: 12 Oct 2012
Posts: 1434
Location: The other Mr. 305

PostPosted: Tue 21 Feb 2017, 20:45    Post subject:  

When I temporarily turn off the firewall, only ports 139 and 445 reflect as being opened using Peasyscan with a different computer.

Actually, the above might be a Peasyport issue. When I removed the firewall, Peasyport only reported back the ports above as being opened.

Practical value is say you're using Python Simple Server. No?

Update: I see what you're doing. So you're using port 24 for trusted LAN and that can be used with Python Simple Server as well as any. So, only question is can you turn off the trusted lan (port 24) without shutting down the firewall and restarting?

Also, still checking on the Peasyport discrepancy. I may have had the firewall up on the computer using Peasyport to scan. Still, not sure why it would show 2 open ports when that computer would be locked down..... I'll let you know what I find...
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 3 of 6 [84 Posts]   Goto page: Previous 1, 2, 3, 4, 5, 6 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Hardware » Networking
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0700s ][ Queries: 12 (0.0129s) ][ GZIP on ]