Author Topic: Confused about firewall 2.6.26 - starting and configuring iptables?  (Read 4992 times)

Offline bigpcman

I have installed the firewall~.tcz but I don't know how to start it or configure it. I don't see anything new in the ps output and there doesn't seem to be any iptables. Is there a man page for this extension somewhere?
big pc man

Offline curaga

  • Administrator
« Reply #1 on: January 17, 2009, 07:12:23 AM »
Try iptables.tcel :)

It has both the iptables utilities for manual config and a basic firewall script that can be started from the menu.
The only barriers that can stop you are the ones you create yourself.

Offline bigpcman

« Reply #2 on: January 17, 2009, 06:56:49 PM »
Thanks for the response. I've tried to locate iptables.tcel and could not find it. As super user from / directory I did:

find . -name iptables.tcel  (nothing found)
find . -name *.tcel   (nothing found)

Any ideas?
big pc man

Offline ^thehatsrule^

  • Administrator
« Reply #3 on: January 17, 2009, 08:20:10 PM »
That kind of filename means it's an extension.  You can grab it from the repository.

Offline bigpcman

« Reply #4 on: January 18, 2009, 05:31:33 AM »
Sorry, I still don't get what you mean. By repository do you mean the tce directory? There is a file called firewall.2.6.26.tczm in tce. Is this what I'm supposed to open to find the utilities? If so, what program understands this file format?

-----------------------------------
edit: Ok, I did a localinstall of the firewall-2.2.26 extension and then searched for it. I guess it loaded in /tmp/tcloop (see below screen shot) but now what? Do I have to manually unpack all the files in netfilter?
« Last Edit: March 27, 2023, 09:04:28 PM by Rich »
big pc man

Offline curaga

  • Administrator
« Reply #5 on: January 18, 2009, 07:22:04 AM »
Sorry, we've been quite unclear here. The userspace tools, iptables, are in a separate extension, you can get it from the appbrowser, or download from here:
ftp://ftp.nluug.nl/pub/metalab/distributions/tinycorelinux/tce/iptables.tcel
The only barriers that can stop you are the ones you create yourself.

Offline bigpcman

« Reply #6 on: January 18, 2009, 04:44:02 PM »
Oh, now I see what you were trying to explain. That makes sense. Just to be clear, are the kernel modules installed and activated when the tce or tcz extensions are obtained by the app browser? Also, I've been reading up on the iptables configuration rule making and was wondering if any of you guys have tried Firewall Builder, the iptables gui (http://www.fwbuilder.org/).
« Last Edit: January 18, 2009, 04:51:19 PM by bigpcman »
big pc man

Offline curaga

  • Administrator
« Reply #7 on: January 19, 2009, 04:47:21 AM »
"Activated" is a bit of an ambiguous term. When a module extension is loaded, the modules become available, but not loaded. They will then load automatically if you plug the device in after that, or you can load them yourself.

For the firewall modules, they get loaded automatically when you set a rule that needs them.
The only barriers that can stop you are the ones you create yourself.

Offline bigpcman

« Reply #8 on: January 19, 2009, 05:30:12 AM »
Thanks that makes sense.
big pc man

Offline thane

« Reply #9 on: August 17, 2009, 12:55:07 PM »
Bump.

I just installed iptables/firewall. I wanted to add the command to launch the firewall (/usr/local/sbin/basic - firewall) to bootlocal.sh.

Should this work? And is there a way to verify the firewall is running? When I launch from the menu the script says it is, but I don't see anything in the control panel processes that obviously relates to the firewall.

Offline Kingdomcome

« Reply #10 on: August 17, 2009, 01:32:49 PM »
There is no firewall "program" that runs.  iptables firewalling happens in the kernel.  You can see the firewall rules that have been set by the basic script by running "sudo iptables -L" from a terminal.
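
Added example, not part of the original posts or of the iptables extension: because there is no process to look for, a check has to read the kernel's rule set instead. The script below classifies `iptables -S` output; the helper name `firewall_state` and both sample listings are constructed for illustration, since the rules that basic-firewall installs are not shown in this thread.

```shell
#!/bin/sh
# Added example: decide from `iptables -S` output whether the kernel
# currently holds any filter rules. firewall_state is a hypothetical helper.
# It reads the listing on stdin and prints one of:
#   unknown                        no policy lines (not root, or iptables failed)
#   inactive INPUT=ACCEPT rules=0  every policy is ACCEPT and nothing is appended
#   active INPUT=<policy> rules=N  a non-ACCEPT policy or at least one rule
firewall_state() {
    awk '
        $1 == "-P" { n++
                     if ($2 == "INPUT")  inpol = $3
                     if ($3 != "ACCEPT") strict++ }
        $1 == "-A" { rules++ }
        END {
            if (n == 0) { print "unknown"; exit }
            state = (rules > 0 || strict > 0) ? "active" : "inactive"
            printf "%s INPUT=%s rules=%d\n", state, inpol, rules
        }'
}

# Constructed sample: what `iptables -S` prints before any script has run.
sample_empty() {
    cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
EOF
}

# Constructed sample: a default-deny inbound rule set (not basic-firewall's own).
sample_loaded() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
EOF
}

# Pass --live to query the running kernel instead of the samples.
if [ "${1:-}" = "--live" ]; then
    sudo iptables -S | firewall_state
fi
```

"active" only means rules or a restrictive policy are loaded in the kernel; it does not say the rules are adequate, so the listing itself still needs to be read.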

Offline thane

« Reply #11 on: August 17, 2009, 05:55:24 PM »
Thanks, I'll try that.

Offline thane

« Reply #12 on: August 18, 2009, 12:29:58 PM »
OK, the "sudo iptables -L" works, and it looks like adding the /usr/local/sbin/basic-firewall command to bootlocal.sh works (there shouldn't be spaces before and after the dash though).

On the other hand, now I'm a little concerned about the fact that I was running TCL and surfing the web for several months without a firewall. I'm booting off a read-only CD and my PC is behind a router so I guess I wasn't too vulnerable, but someone mentioned having a problem with a similar setup (rootkit?).

Offline curaga

  • Administrator
« Reply #13 on: August 28, 2009, 12:56:46 PM »
A firewall isn't really needed if you don't run any servers (i.e. they can detect you are online, but cannot connect to you). The only server we run by default is X, and the default disables the networking functionality (-nolisten tcp).

The router should have blocked all calls your way, so even your presence shouldn't have shown.
The only barriers that can stop you are the ones you create yourself.