Author |
Message |
keniv
Joined: 06 Oct 2009 Posts: 566 Location: Scotland
|
Posted: Mon 20 Feb 2017, 19:01 Post subject:
|
|
rcrsn51 wrote: | Quote: | I don't understand how you are getting from the second window back to the first window - there is no path to do that unless you re-run the program. |
Please answer. |
I have just removed v1.5 and replaced it with v1.6. V1.6 is working perfectly in wary. Thank you for that. I'm sorry but I can't exactly remember how I got from image2 to 3. I got from 1 to 2 by clicking OK or Cancel on the corrupted window. I clicked on the button in 2 to bring up the tray icon and clicked OK.This is the point where I'm not sure what I did next. I did however click on the icon a couple of times. I also re-ran the firewall from the window. I also looked in /root/startup to make sure there was something relvant in there. I also rebooted the machine to check the firewall started. I also ran iptables -L -n in a terminal to make sure the firewall was running.
I hope, from the above, you can work out from this how I got to image3.
Regards,
Ken.
|
Back to top
|
|
 |
rcrsn51

Joined: 05 Sep 2006 Posts: 12807 Location: Stratford, Ontario
|
Posted: Mon 20 Feb 2017, 19:12 Post subject:
|
|
Thanks. I have added a post-install script to the PET that removes any existing firewall. That will make PFM build a new basic firewall on the first run.
|
Back to top
|
|
 |
keniv
Joined: 06 Oct 2009 Posts: 566 Location: Scotland
|
Posted: Mon 20 Feb 2017, 19:23 Post subject:
|
|
I think thats a good idea. I did not think to shut off the firewall before I installed v1.5. I'm wondering if I should install v1.6 in 412 lite and 410 smp. v1.5 works with these two. I'd appreciate your advice.
Ken.b
|
Back to top
|
|
 |
rcrsn51

Joined: 05 Sep 2006 Posts: 12807 Location: Stratford, Ontario
|
Posted: Mon 20 Feb 2017, 19:28 Post subject:
|
|
That's up to you. The major changes in v1.6 are with detection of open ports and building the firewall for trusted networks.
|
Back to top
|
|
 |
greengeek

Joined: 20 Jul 2010 Posts: 5624 Location: Republic of Novo Zelande
|
Posted: Tue 21 Feb 2017, 02:43 Post subject:
|
|
keniv wrote: | I also ran iptables -L -n in a terminal to make sure the firewall was running.. | I am interested to know what information this command offers. Does my output ring any alarm bells with you? -
Code: | # iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
TRUSTED all -- 0.0.0.0/0 0.0.0.0/0 state NEW
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP icmp -- 0.0.0.0/0 0.0.0.0/0 state INVALID
Chain TRUSTED (1 references)
target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
#
|
|
Back to top
|
|
 |
keniv
Joined: 06 Oct 2009 Posts: 566 Location: Scotland
|
Posted: Tue 21 Feb 2017, 05:53 Post subject:
|
|
@greengeek
Your output from iptables -L -n is very like mine. I can't check just now as I don't have access to my old laptop and am replying on a phone.
I'm no expert on this stuff. I asked on another thead how I could tell if the firewall was running. This was what was suggested. I think it displays your set of rules. I think if the firewall is not running they would not be displayed.
@rcrsn51
I think I'll stick with v1.5 for 412 lite and 410 as their not on a local network .
Ken.
|
Back to top
|
|
 |
rcrsn51

Joined: 05 Sep 2006 Posts: 12807 Location: Stratford, Ontario
|
Posted: Tue 21 Feb 2017, 12:07 Post subject:
|
|
Version 1.7 is posted above. It has a single-window user interface.
|
Back to top
|
|
 |
keniv
Joined: 06 Oct 2009 Posts: 566 Location: Scotland
|
Posted: Tue 21 Feb 2017, 13:13 Post subject:
|
|
Now using v1.7 in all four pups. Working in all of them.
Ken.
|
Back to top
|
|
 |
rcrsn51

Joined: 05 Sep 2006 Posts: 12807 Location: Stratford, Ontario
|
Posted: Tue 21 Feb 2017, 13:16 Post subject:
|
|
Excellent. Thanks for testing.
|
Back to top
|
|
 |
rcrsn51

Joined: 05 Sep 2006 Posts: 12807 Location: Stratford, Ontario
|
Posted: Tue 21 Feb 2017, 16:23 Post subject:
|
|
Version 1.8 posted above.
|
Back to top
|
|
 |
slavvo67
Joined: 12 Oct 2012 Posts: 1617 Location: The other Mr. 305
|
Posted: Tue 21 Feb 2017, 19:24 Post subject:
|
|
Installed in Quirky Xerus64 (actually RU Xerus but interchangeable from my standpoint). Seems to work except for the install tray applet.
|
Back to top
|
|
 |
rcrsn51

Joined: 05 Sep 2006 Posts: 12807 Location: Stratford, Ontario
|
Posted: Tue 21 Feb 2017, 19:32 Post subject:
|
|
slavvo67 wrote: | Installed in Quirky Xerus64 (actually RU Xerus but interchangeable from my standpoint). Seems to work except for the install tray applet. |
The tray applet is a 32bit binary, so you need a 64bit version. Attached below, but I don't know if it will be compatible. Please report.
[Edit] This version is also compatible with Fatdog.
That's the thing about firewalls. The only true test is to run from a second machine and probe the first machine with a tool like PeasyPort.
---------------------------
Description |
Updated 2017-07-25 Recognizes multiple networks
|

Download |
Filename |
peasyfwmon_64bit-2.1.pet |
Filesize |
23.91 KB |
Downloaded |
352 Time(s) |
Description |
|

Download |
Filename |
peasyfwmon_2state_tray_64bit-1.0.pet |
Filesize |
5.24 KB |
Downloaded |
376 Time(s) |
Last edited by rcrsn51 on Tue 25 Jul 2017, 14:19; edited 14 times in total
|
Back to top
|
|
 |
slavvo67
Joined: 12 Oct 2012 Posts: 1617 Location: The other Mr. 305
|
Posted: Tue 21 Feb 2017, 20:19 Post subject:
|
|
The tray applet seems to be working --- Thank you! Thank you for the Peasyport tip. I'll have to test a little....
I have a suggestion but I'm not sure if it's practical or how difficult to accomplish. It would be nice to have a box that says Open Port [ _ _ ] to simplify opening a specific port #. Then, you would probably need a close port X or close all ports. Just a thought but it's nice, either way!
|
Back to top
|
|
 |
rcrsn51

Joined: 05 Sep 2006 Posts: 12807 Location: Stratford, Ontario
|
Posted: Tue 21 Feb 2017, 20:28 Post subject:
|
|
slavvo67 wrote: | The tray applet seems to be working |
Ummm... Either it's working or it's not.
Quote: | It would be nice to have a box that says Open Port |
If you want to open individual ports, you can run the full Linux Firewall app, assuming it's installed. But what is the practical value of doing that?
|
Back to top
|
|
 |
slavvo67
Joined: 12 Oct 2012 Posts: 1617 Location: The other Mr. 305
|
Posted: Tue 21 Feb 2017, 20:45 Post subject:
|
|
When I temporarily turn off the firewall, only ports 139 and 445 reflect as being opened using Peasyscan with a different computer.
Actually, the above might be a Peasyport issue. When I removed the firewall, Peasyport only reported back the ports above as being opened.
Practical value is say you're using Python Simple Server. No?
Update: I see what you're doing. So you're using port 24 for trusted LAN and that can be used with Python Simple Server as well as any. So, only question is can you turn off the trusted lan (port 24) without shutting down the firewall and restarting?
Also, still checking on the Peasyport discrepancy. I may have had the firewall up on the computer using Peasyport to scan. Still, not sure why it would show 2 open ports when that computer would be locked down..... I'll let you know what I find...
|
Back to top
|
|
 |
|