Re: Firewall: Need Advice

[Horst Pflugstaedt <Pfaedt@uni-duisburg.de>]

On Sat, Feb 07, 2004 at 10:38:51AM +0200, E&Erdem wrote:
> Hi,
> I've been using iptables (or i assuming that). But at boot time it gives
> an error: "Aborting iptables load: unknown rulesets "active" ". I

you should first try zo find out, what ruleset iptables tries to load
on boot-time (go, find /etc/init.d/firewall or /etc/init.d/iptables
or something like that...). When you found out, which ruleset wants to
be loaded at boottime, you should use your knowledge on iptables to
find the error :-)

> couldn't find the problem. I searched via google, and found
> dpkg-reconfigure iptables. But it didn't help. I read a lot of iptables
> documents. But i think i lost some points, because i don't understand
> something. 
> 
> Before this i want to ask that, do i need firewall? Yes, i know this is

Yes, you do need a firewall. A firewall is a big help to keep others
outside your system. It's a help to detect attacs. It's a big help to
anyone concerned about security.

> very important tool for whose, who taking care about security. And i can
> say i'm a paranoid about security. But all of my ports closed. There
> isn't any service listen. But sometimes i need httpd and ssh.

and you probably have installed exim (smtpd), an nameservice caching
daemon (dns)... the fact that on most of your ports no service is
listening does not mean theyre closed... they are only not used. You
need a firewall to actively close them to the world.

> 
> This machine shares internet connection with a small network. So i have
> to becareful about this. 

yes. right. be careful and use iptables.


Use the force, luke :-)

Horst.