
[cobalt-users] pmfirewall



Questions and answers for pmfirewall install.sh.
This server was not running named, but is running
ftp, pop, ssh, smtp, httpd, admserv, ssl.
             Welcome to the pmfirewall setup script.
.....................................................................

You will now be prompted for your system configuration. Normally the
defaults are sufficient, but be sure they are correct!

Directory to place config files [/usr/local/pmfirewall]:  <hit enter>
What is your External Interface?  <hit enter>
Are there any IP ranges which require unrestricted access? (y/N): <hit enter>
Are there any IP ranges which should be blocked completely? (y/N): <hit enter>
Is your IP address assigned via DHCP?  (y/N): <hit enter>
Are you running a FTP Server on ports: 20/21 (y/N): <enter y>
Enter the IP Range or press ENTER for any IP address:  <hit enter>
Are you running a SSH Server on port: 22 (y/N): <enter y>
Enter the IP Range or press ENTER for any IP address: <hit enter>
Are you running a Telnet Server on port: 23 (y/N): <hit enter>
Are you running a SMTP Server on port: 25 (y/N) <enter y>
Enter the IP Range or press ENTER for any IP address: <hit enter>
Are you running a DNS Server on port: 53 (y/N): <hit enter>
Are you running a Finger Server on port: 79 (y/N): <hit enter>
Are you running a Web Server on port: 80 (y/N): <enter y>
Enter the IP Range or press ENTER for any IP address: <hit enter>
Are you running a POP Server on port: 110 (y/N): <enter y>
Enter the IP Range or press ENTER for any IP address: <hit enter>
Allow IDENT connections on port: 113 (y/N): <enter y>
Are you running a NNTP Server port: 119 (y/N): <hit enter>
Are you using NTP, it requires port: 123 (y/N): <enter y> [providing you are using NTP]
Enter the IP Range or press ENTER for any IP address: <18.26.4.105> [The IP address of your NTP server]
Do you wish to open NetBIOS/SAMBA ports 137-139 (not recommended)? (y/N): <hit enter>
Are you running an IMAP Server on port: 143 (y/N): <hit enter> [Unless you are running IMAP]
Are you running a SSL Web Server on port: 443 (y/N): <enter y> [you should be using at least a self-signed-cert]
Enter the IP Range or press ENTER for any IP address: <hit enter>
Are you running Routed (RIP) on port: 520 (y/N) <hit enter>
Do you wish to open NFS port 2049 (not recommended)? (y/N): <hit enter>
Do you wish to open X-Server ports 5999-6003 (not recommended)? (y/N): <hit enter>
Are there any other ports you wish to open to the outside? (y/N): <enter y>
Port number: <enter 873>
tcp, udp or both: <enter tcp>
Enter the IP Range or press ENTER for any IP address: <enter 1.2.3.4/24> [enter the subnet to have access]
Do you wish to add others? (y/N): <enter y>
Port number: <enter 81>
tcp, udp or both: <enter tcp>
Enter the IP Range or press ENTER for any IP address: <hit enter>
Do you wish to add others? (y/N): <enter y>
Port number: <enter 444>
tcp, udp or both: <enter tcp>
Enter the IP Range or press ENTER for any IP address: <hit enter>
Do you wish to add others? (y/N): <hit enter>
Start PMFirewall on bootup? (Y/n): <hit enter>
Do you want pmfirewall to autodetect your IP address? (Y/n) <hit enter>
Will this box Masquerade connections for other PC's (y/N): <hit enter>

Look at /usr/local/pmfirewall/pmfirewall.rules.local to see the configured rules.
If the rules look OK (you need ports 20,21,22,25,80,81,110,443,444 minimum for
ftp,pop,ssh,smtp,httpd,ahttpd,ssl,ahttpd), run
"/etc/rc.d/init.d/pmfirewall start" to start the firewall, then run
"ipchains -L -n" to look at the rules.

Gerald
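
An added example, not part of the original post or of pmfirewall: one way to check the "ipchains -L -n" listing against the minimum port list given above. The function names and the sample listing are constructed for illustration, and the column layout is assumed to be the usual ipchains listing (destination port or lo:hi range in the last field).

```shell
#!/bin/sh
# Ports the post lists as the minimum for this server.
REQUIRED="20 21 22 25 80 81 110 443 444"

# Constructed sample of `ipchains -L -n` output (not from a real server).
sample_listing() {
cat <<'EOF'
Chain input (policy DENY):
target     prot opt     source                destination           ports
ACCEPT     tcp  ------  0.0.0.0/0             10.0.0.5              * ->   20:21
ACCEPT     tcp  ------  0.0.0.0/0             10.0.0.5              * ->   22
ACCEPT     tcp  ------  0.0.0.0/0             10.0.0.5              * ->   25
ACCEPT     tcp  ------  0.0.0.0/0             10.0.0.5              * ->   80
ACCEPT     tcp  ------  0.0.0.0/0             10.0.0.5              * ->   110
ACCEPT     tcp  ------  0.0.0.0/0             10.0.0.5              * ->   443
DENY       tcp  ------  0.0.0.0/0             10.0.0.5              * ->   444
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
EOF
}

# Reads a listing on stdin and prints the REQUIRED ports that have no tcp
# ACCEPT rule in the input chain. Rule order and source ranges are not modelled.
missing_ports() {
    awk -v required="$REQUIRED" '
        /^Chain / { in_input = ($2 == "input"); next }
        in_input && $1 == "ACCEPT" && $2 == "tcp" {
            n = split($NF, r, ":")                 # last field: port or lo:hi
            if ($NF == "*") { lo = 0; hi = 65535 } # "*" means any port
            else { lo = r[1]; hi = (n == 2) ? r[2] : r[1] }
            count++; los[count] = lo + 0; his[count] = hi + 0
        }
        END {
            m = split(required, want, " ")
            out = ""
            for (i = 1; i <= m; i++) {
                ok = 0
                for (j = 1; j <= count; j++)
                    if (want[i] + 0 >= los[j] && want[i] + 0 <= his[j]) ok = 1
                if (!ok) { if (out != "") out = out " "; out = out want[i] }
            }
            print out
        }'
}

# On the server itself: ipchains -L -n | missing_ports
sample_listing | missing_ports
```

An empty line of output means every required port has an ACCEPT rule; on the constructed sample, the admin ports 81 and 444 are reported as missing.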