You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2012-10-25 02:06:03
- PaulBx1
- Member
- Registered: 2008-10-18
- Posts: 142
How to tell if I'm running a firewall?
When I installed arch a while ago (a year?) I was pretty sure I added a firewall. However now when I issue the "iptables" or "iptables -nvL" command it says "command not found". I don't recall what front end I (supposedly) installed. I did change to systemd in the meantime, maybe that is what caused it to go awol.
It was not crucial because I am behind a router, but now that my son is punching holes in the router firewall for his games, I'd like to fix this situation.
A couple of things confuse me. If iptables is part of the kernel then I shouldn't have to install it, right? But then it should respond to "iptables -nvL" I would think.
Also I wonder if I have a front end even if there is no iptables. I did try "pacman -Qs firewall" and got nothing. Also when I did "pacman -Ss firewall" I found a few front ends like shorewall and ufw but no iptables.
Last edited by PaulBx1 (2012-10-25 02:07:09)
Offline
#2 2012-10-25 02:07:53
- WonderWoofy
- Member
- From: Los Gatos, CA
- Registered: 2012-05-19
- Posts: 8,414
Re: How to tell if I'm running a firewall?
It makes me curious as to why you did not do $ pacman -Ss iptables ?
Offline
#3 2012-10-25 02:22:36
- PaulBx1
- Member
- Registered: 2008-10-18
- Posts: 142
Re: How to tell if I'm running a firewall?
Guess I just assumed the description for iptables would have "firewall" in it. Silly me.
Well I must have been hallucinating that I had a firewall before. Anyway there is none now that I can tell ("systemctl" does not display anything having to do with firewalls or iptables either). So, I suppose I will just install a firewall and front end as if I never had...
Offline
#4 2012-10-25 05:01:11
- ConnorBehan
- Package Maintainer (PM)
- From: Long Island NY
- Registered: 2007-07-05
- Posts: 1,359
- Website
Re: How to tell if I'm running a firewall?
I imagine the situation with iptables is similar to udev. Support for it is built into the kernel but you still need to install a userspace program in order to take advantage of it.
6EA3 F3F3 B908 2632 A9CB E931 D53A 0445 B47A 0DAB
Great things come in tar.xz packages.
Offline
#5 2012-10-25 07:04:10
- hunterthomson
- Member
- Registered: 2008-06-22
- Posts: 794
- Website
Re: How to tell if I'm running a firewall?
Well ya, iptables and Netfilter is part of the Kernel, but you configure it with userspace tools.
You had it right you tell what rules are configured with the command: iptables -nvL
Personaly, I love arno-iptables-firewall script that is in the AUR. It makes it vary easy to do NAT, Port-Forwarding, and everything you would ever want. It also makes vary secure rules to prevent all kinds of attacks. I really could not do a better job myself. I found that basicaly all the GUI "firewall" iptables configuration programs only set vary basic rules.
This is the systemd unit file I use to start/stop
/usr/lib/systemd/system/arno-iptables-firewall.service
[Unit]
Description=Arno iptables firewall
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/sbin/arno-iptables-firewall start
ExecStop=/usr/sbin/arno-iptables-firewall stop
[Install]
WantedBy=multi-user.targetYou configure it by editing /etc/arno-iptables-firewall/firewall.conf
OpenBSD-current Thinkpad X230, i7-3520M, 16GB CL9 Kingston, Samsung 830 256GB
Contributor: linux-grsec
Offline
#6 2012-10-25 19:51:34
- Strike0
- Member
- From: Germany
- Registered: 2011-09-05
- Posts: 1,429
Re: How to tell if I'm running a firewall?
Another easy to setup tool for iptables is: https://wiki.archlinux.org/index.php/Ufw
or more generally have a look at: https://wiki.archlinux.org/index.php/Firewalls
Offline
Pages: 1