| Linode Forum https://forum.linode.com/ |
|
| Firehol https://forum.linode.com/viewtopic.php?f=19&t=1788 |
| Author: | mthaddon [ Mon Jul 18, 2005 7:18 pm ] |
| Post subject: | Firehol |
I'm planning to configure this as the firewall on my Linode and when I was doing:

    ip link show

I get the following

    1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    2: teql0: <NOARP> mtu 1500 qdisc noop qlen 100
        link/void
    3: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
        link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    4: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP> mtu 1500 qdisc pfifo_fast qlen 1000
        link/ether fe:fd:46:55:81:37 brd ff:ff:ff:ff:ff:ff
    5: sit0@NONE: <NOARP> mtu 1480 qdisc noop
        link/sit 0.0.0.0 brd 0.0.0.0
    6: tunl0@NONE: <NOARP> mtu 1480 qdisc noop
        link/ipip 0.0.0.0 brd 0.0.0.0
    7: gre0@NONE: <NOARP> mtu 1476 qdisc noop
        link/gre 0.0.0.0 brd 0.0.0.0

If I put together a firehol config file which specifies only the eth0 will these others be blocked, and can anyone confirm for me what those are and if they're vital to the operation of my Linode?

Thanks, Tom |
|
| Author: | mthaddon [ Mon Jul 18, 2005 7:37 pm ] |
| Post subject: | |
Just tried it and got the following message - can anyone help out with this:

    Starting iptables firewall: FireHOL ...
    IMPORTANT WARNING:
    ------------------
    FireHOL cannot find your current kernel configuration.
    Please, either compile your kernel with /proc/config,
    or make sure there is a valid kernel config in
    /lib/modules/2.4.29-linode39-1um/build/.config, /usr/src/linux/.config or
    /boot/config-2.4.29-linode39-1um
    Because of this, FireHOL will simply attempt to load
    all kernel modules for the services used, without
    being able to detect failures.
    Stopping: /etc/default/firehol forbids it.
    done.

Thanks, Tom |
|
| Author: | caker [ Mon Jul 18, 2005 7:46 pm ] |
| Post subject: | |
Stupid startup script, that is... Anyhow, copy the contents of this post: http://www.linode.com/forums/viewtopic.php?p=6129#6129 into one of those files. -Chris |
|
| Author: | mthaddon [ Mon Jul 18, 2005 7:58 pm ] |
| Post subject: | |
Thanks, works a treat. So I'm assuming I can ignore the other interfaces? Thanks, Tom |
|
| Author: | pclissold [ Tue Jul 19, 2005 8:24 am ] |
| Post subject: | |
mthaddon wrote: So I'm assuming I can ignore the other interfaces? Thanks, Tom
Yes. Well, I did and everything is fine. |
|
| Author: | jimcooncat [ Tue Aug 15, 2006 6:36 am ] |
| Post subject: | |
I'm posting this mainly so I can document my own setup, which is ubuntu dapper on a linode. Hopefully it will help others as well.

mthaddon wrote:

    Just tried it and got the following message - can anyone help out with this:

    Starting iptables firewall: FireHOL ...
    IMPORTANT WARNING:
    ------------------
    FireHOL cannot find your current kernel configuration.
    Please, either compile your kernel with /proc/config,
    or make sure there is a valid kernel config in
    /lib/modules/2.4.29-linode39-1um/build/.config, /usr/src/linux/.config or
    /boot/config-2.4.29-linode39-1um
    Because of this, FireHOL will simply attempt to load
    all kernel modules for the services used, without
    being able to detect failures.

Firehol needs to find a kernel config in one of the above listed places. I wrote the following bash script for me to run if I have a kernel change (disclaimer, I'm a bash noob). The last line may need changing depending on your OS, or just omit it and restart firehol as you like to:

Code:
    #! /bin/bash

This next part of the original post reflects a completely different problem:

mthaddon wrote:

    Stopping: /etc/default/firehol forbids it.
    done.
    Thanks, Tom

You need to edit /etc/default/firehol so it says:

Code:
    START_FIREHOL=YES
|
|
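Added example, not part of any post in this thread and not FireHOL's own code: a preflight check for the two separate conditions discussed above, a kernel config in one of the locations the FireHOL warning lists and START_FIREHOL=YES in /etc/default/firehol. The function names and the root-prefix argument (used so the check can run against a constructed test tree) are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and the ROOT prefix
# argument are hypothetical; paths are the ones quoted in the posts above.

# Print the first readable kernel config among the places FireHOL's warning lists.
find_kernel_config() {
    root=$1; krel=$2
    for p in "/proc/config" "/lib/modules/$krel/build/.config" \
             "/usr/src/linux/.config" "/boot/config-$krel"; do
        if [ -r "$root$p" ]; then printf '%s\n' "$p"; return 0; fi
    done
    return 1
}

# Succeed only if the last START_FIREHOL assignment in /etc/default/firehol is YES.
firehol_start_enabled() {
    f="$1/etc/default/firehol"
    [ -r "$f" ] || return 1
    val=$(sed -n 's/^[[:space:]]*START_FIREHOL=//p' "$f" | tail -n 1 | tr -d "\"'")
    [ "$val" = "YES" ]
}

# Report both conditions; non-zero if either would trigger a message seen in the thread.
firehol_preflight() {
    root=$1; krel=$2; rc=0
    if cfg=$(find_kernel_config "$root" "$krel"); then
        echo "kernel config: $cfg"
    else
        echo "kernel config: not found, module load failures will go undetected"; rc=1
    fi
    if firehol_start_enabled "$root"; then
        echo "START_FIREHOL: YES"
    else
        echo "START_FIREHOL: not YES, the init script will not start the firewall"; rc=1
    fi
    return $rc
}

# Constructed demo tree (not a real system): config under /boot, firewall start disabled.
demo=$(mktemp -d)
mkdir -p "$demo/boot" "$demo/etc/default"
echo "CONFIG_NETFILTER=y" > "$demo/boot/config-2.4.29-linode39-1um"
echo "START_FIREHOL=NO" > "$demo/etc/default/firehol"
firehol_preflight "$demo" "2.4.29-linode39-1um" || true
rm -rf "$demo"
# On a real host: firehol_preflight "" "$(uname -r)"
```

Running the preflight after every kernel change catches the case where the firewall silently fails to come up at boot, before the host is left unfiltered.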
| All times are UTC-04:00 |