Page 11 of 12 FirstFirst ... 9101112 LastLast
Results 101 to 110 of 114

Thread: Creating a Firewall for Your Ubuntu Desktop

  1. #101
    Join Date
    Dec 2005
    Location
    N.C.
    Beans
    4,796
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: icmp

    Quote Originally Posted by Ms. Daisy View Post
    Choose to modify either iptables or UFW, but you have to stick to one or the other.

    The syntax for UFW to allow ICMP traffic (Lars Nooden showed it above for iptables) is this:

    Code:
    -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT
    -A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT
    -A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT
    -A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT
    -A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
    My /etc/ufw/before.rules shows the above icmp accepted by default, a google search mentioned to change the "ACCEPT" to "DROP" not to accept icmp requests. I'm only beginning to be aware of security in Ubuntu, thanks to Dangertux's tutorial I'm trying to get ufw configured, but I guess it's OK to leave ufw at it's icmp defaults. Thanks for all your work on the Basic Ubuntu Security Wiki putting it together with haqking, Dangertux, and many other contributors.

  2. #102
    Join Date
    Jun 2006
    Location
    Florida, USA
    Beans
    28
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: Creating a Firewall for Your Ubuntu Desktop

    Question:

    I have just installed and configure the firewall with the info here and everything work. However, my wireless network printer (it was tested before configure the firewall) is not working now. I know that is the firewall setting because when it is disable the printer work. So my question is how I create a rule to allow the printer? Can you point me out a link to get more info on this?
    No, I don't do Windows, but I know how to solve your problem ...
    format c:

  3. #103
    Join Date
    Jul 2008
    Location
    Canada
    Beans
    1,949
    Distro
    Ubuntu Development Release

    Re: Creating a Firewall for Your Ubuntu Desktop

    Quote Originally Posted by Electron View Post
    Question:

    I have just installed and configure the firewall with the info here and everything work. However, my wireless network printer (it was tested before configure the firewall) is not working now. I know that is the firewall setting because when it is disable the printer work. So my question is how I create a rule to allow the printer? Can you point me out a link to get more info on this?
    Make sure TCP 631 is open. Also do a search on your printer as another port may need to be open.
    UsingTheTerminal

    Smile today, cry tomorrow!
    ( Read this everyday )

  4. #104
    Join Date
    Dec 2005
    Location
    N.C.
    Beans
    4,796
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Creating a Firewall for Your Ubuntu Desktop

    Quote Originally Posted by Electron View Post
    Question:

    I have just installed and configure the firewall with the info here and everything work. However, my wireless network printer (it was tested before configure the firewall) is not working now. I know that is the firewall setting because when it is disable the printer work. So my question is how I create a rule to allow the printer? Can you point me out a link to get more info on this?
    What I did was open ufw log file viewer and saw that port 9100 tcp was being blocked whenever I tried to access my HP wireless printer.
    Opened the port in ufw & all was well.
    Last edited by confused57; June 12th, 2012 at 04:38 AM.

  5. #105
    Join Date
    Sep 2012
    Beans
    1

    Re: Creating a Firewall for Your Ubuntu Desktop

    @Azrael84; Hey, I had the same problem with Transmisson, you just have to add a rule for 80,6969/udp, wich are the ports used by trackers, cheers.
    Last edited by CoyoteMX; September 19th, 2012 at 10:43 PM. Reason: Needed to add info to the reply

  6. #106
    Join Date
    Jul 2011
    Beans
    12

    Re: Creating a Firewall for Your Ubuntu Desktop

    Leopard Flower personal firewall for Linux (LPFW) gives the user control over which applications are allowed to use the network and is very easy to setup. Detailed steps are shown below


    • These packages should be installed for compiling-
      • iptables
      • libnetfilter-queue
      • libnetfilter-conntrack
      • python-qt4
      • libnetfilter-queue-dev
      • libnetfilter-conntrack-dev
      • libcap-devlibpython2.6
      • zenity
      • python2.6-dev



    • Download source code of leopard ( I have used leopard version -0.4 on ubuntu 12.04 i386)


    • extract the zip file
    • Open terminal and cd to that directory
    • Execute following commands
      • mkdir build
      • cd build
      • make -C ../ DESTDIR=`pwd`

    • Now 'build' folder will contain lpfw-pygui folder and three binary files lpfwcli, lpfw, lpfwgui, lpfw
    • Include one more file in this folder in the name 'leopardclient' and add following text into it

    #!/bin/sh
    set -e
    cd `pwd`
    #!/bin/sh
    pkill -9 -f lpfwgui.py
    cd /usr/local/leopardfirewall
    pidof lpfwpygui && yes=1 || yes=0
    if [ $yes -eq 1 ]
    then
    echo "Some other user has started lpfwpygui"
    else
    echo "starting lpfwpygui-1"
    ./lpfwpygui
    fi
    • Give execution permission to this file. (In Nautilus file manager-: property>permisssion> Execution: <tick>)
    • Copy build folder into /usr/local and rename as say, leopardfirewall (for that you have to open nautilus in as root user; execute: sudo nautilus /usr/local )
    • Now make usergroup with name "lpfw" (Make use of Users and Group application). Don't add any user into this account
    • Now we have to start lpfw as root user on boot up, for that do following
    • In etc/init.d make a file in the name 'leopard' and add following text into it

    #!/bin/sh
    # Starts and stops leopard -lpfw
    #


    case "$1" in
    start)

    start-stop-daemon --start --exec /usr/local/leopardfirewall/lpfw

    ;;

    stop)

    start-stop-daemon --stop --exec /usr/local/leopardfirewall/lpfw
    ;;

    restart)
    $0 stop
    $0 start
    ;;


    *)
    echo "Usage: $0 {start|stop|restart|status}"
    exit 1
    esac
    • In etc/init make a file in the name 'leopard.conf' and add following text into it

    start on (starting networking and started rsyslog)

    exec /usr/local/leopardfirewall/lpfw
    • Now you restart PC and login , you will find that application cannot access internet. open terminal and execute '/usr/local/leopardfirewall/leopardclient'
    • Now gui will open and ask for your permission to allow/deny applications
    • Once you have allowed/denied permanently that rule will be added to /etc/lpfw.rules. and those applications can access internet even if you have not started leopardclient software.
    • If want to open leopardclient from dash or application menu, do following
    • Make a file in '/usr/share/applications/' in name 'LEOPARD.desktop' add the following and make execution bit true

    [Desktop Entry]
    Version=0.4
    Type=Application
    Terminal=false
    Exec=/usr/local/leopardfirewall/lpfw
    Name=Firewall-Leopard client
    Comment=Allows you to allow internet access
    Icon=/usr/share/icons/filefWo6iH.png
    Categories=Application;Network;
    (see whether icon is present in the folder or assign a picture of your choice)
    • Now Firewall-Leopard client will appear under internet applications


    -----------------------------------------------------------------------------------------------------------------------
    Last edited by liju.g.chacko; November 18th, 2012 at 07:35 AM.

  7. #107
    Join Date
    Nov 2005
    Location
    Sydney, Australia
    Beans
    216
    Distro
    Ubuntu Studio 12.04 Precise Pangolin

    Re: Creating a Firewall for Your Ubuntu Desktop

    Thanks for the great guide. I installed GUFW and lost communication to my 2 wifi printers. Is there another port I need to allow?
    Just think how boring life would be without Ubuntu

  8. #108
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Creating a Firewall for Your Ubuntu Desktop

    I'd suggest turning off your firewall, opening a terminal and enter the following command:

    Code:
    sudo watch netstat -anltp
    then send a print job to each of your wireless printer,

    you should see something like this:

    Code:
    tcp        0  27304 192.168.0.102:38328     192.168.0.109:9100      ESTABLISHED 32171/192.168.0.109
    In the above example the ip address of the system I'm using is 192.168.0.102, and the ip address of the networked printer is 192.168.0.109. you can tell which ports they are using by the number after the ip address, in this case the host is using port #38328, and the printer is using port #9100. With this info in hand, you should be able to choose what ports to leave open in order to print.

  9. #109
    Join Date
    Dec 2007
    Beans
    7

    Exclamation Re: Creating a Firewall for Your Ubuntu Desktop (the original Poster)

    the original Poster of this page :
    Creating a Firewall for Your Ubuntu Desktop
    fails to include these pictures :
    http://dangertux.no-ip.org/downloads/1.png
    http://dangertux.no-ip.org/downloads/2.png
    http://dangertux.no-ip.org/downloads/3.png
    http://dangertux.no-ip.org/downloads/4.png

    perhaps insert the images or use a third party ...

  10. #110
    Join Date
    Jul 2008
    Location
    Canada
    Beans
    1,949
    Distro
    Ubuntu Development Release

    Re: Creating a Firewall for Your Ubuntu Desktop (the original Poster)

    Quote Originally Posted by six^letters^digits View Post
    the original Poster of this page :
    Creating a Firewall for Your Ubuntu Desktop
    fails to include these pictures :
    http://dangertux.no-ip.org/downloads/1.png
    http://dangertux.no-ip.org/downloads/2.png
    http://dangertux.no-ip.org/downloads/3.png
    http://dangertux.no-ip.org/downloads/4.png

    perhaps insert the images or use a third party ...
    Your 4 links are dead.
    UsingTheTerminal

    Smile today, cry tomorrow!
    ( Read this everyday )

Page 11 of 12 FirstFirst ... 9101112 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •