Linux like other OS doesn't escape the rule, it needs to be protected against attacks and intrusion, so better equip your system with firewall before getting connected to the internet. A good exam[le of this kind of software is namely The Shorewall
(it provide a direct access through thedrakfirewall
using the console mode root).
:A small tool allowing you to set up a basic firewall on your system.
is default to Mandriva distribution.
Checking if service is enabled at startup
You must be aware by now GNU / Linux services are called daemons...Below you shall be provided, the necessary steps to set up your firewall.
- Go toMandriva Linux Control Center (root password required)
- In the System tab, select theEnable or disable system services option and search for the shorewall daemon.
- Note that it is crucial that this service should be defined as active and checked at startup.
The next step is to access the configuration panel of your firewall( configure your settings):-)
- Open a root user console and type in <gras>drakfirewall to access the Mandriva Linux Control Center
- From there to the Security tab
- Click on: Setting up a personal firewall to protect the computer,
- Don't forget to uncheck the boxes that disable you firewall at startup.
Enter your preferences
After the steps below,you will be provided with the multiple options and features,you may want to add to your firewall settings. These are discussed below:
The options you better check:
- Web Server: Important when hosting a website or a blog.
- Server name domain: Verify if association of network machine name to an IP address is allowed by your system.
- SSH Server: Secure connection to another machine (remote access) is allowed.
- FTP server: FTP transfers will not be secured, your username and password can be easily retrieved.
- POP and IMAP Server: In the case that your computer acts solely as a mail server.
- Windows File Sharing:If you installed Samba server, that will be connected with Windows based systems. If the machine is directly connected to the Web,better disable this feature.
- Server Cups:For print sharing in local network, enable it.If the machine is directly connected to the Web,better disable this feature.
- Echo Request (ping): Just ping to see whether a machine exists at the end of an IP address.If response is +ve, then check.
Handling BitTorrent Transfer
Clicking the Advanced button (bottom of the window), you can refine the settings.
You must actually access it to add permissions( Necessary to enable BitTorrent transfer).
If you want to add the TCPports 6881 to 6889 . Simply enter 6881:6889 / tcp. If in addition you want to add TCP port 8080, it will be
. Which you have included:
- 6881:6889 for ports 6881 to 6889
- / Or tcp/udp as the case directly attached to the port number
- A space between two different ports.
Mandriva is a frequently used BitTorrent protocol. Let's see this tip
- Allowed port 6881 to TCP 6889 by the Advanced button.
This gives 6881:6889/tcp
- Then, edit the file /etc/services root user.
E.g using profile: Username
- After a search of this file (Edit menu/ search), it was found that no permission required for BitTorrents ports 6881 to 6889.
- You can add the following lines
BitTorrent 6881/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6882/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6883/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6884/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6885/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6886/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6887/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6888/tcp BitTorrent # Transferts BitTorrent
BitTorrent 6889/tcp BitTorrent # Transferts BitTorrent
- Define the first BitTorrent service,
- Each port gets a BitTorrent service, one after the other,
- Define the second BitTorrent is an alias, to avoid getting lost in the procedure.
Not worth trying this type of trick: Multiple firewall = Multiple conflicts =Multiple Problems.
- No internet connection
- System crashes or lag
So better make a choice between Shorewall and its competitors.
Some useful links
- List of ports
- FAQ on BitTorrent
- More on Firewalls
- Alternatives à Shorewall
- IPTables :
- With GUI