Installing Firewalld onTrisquel
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
Complete Noob here I’m trying to install firewalld on Trisquel from the source tar.gz file but I’m not exactly sure how to do so https://github.com/firewalld/firewalld im new to this some of this is over my head a bit.The reason i haven't downloaded it from the repos is due to it being on version 0.4.0 and the most up to date version is on 0.6.3.Could someone help me out
> The reason i haven't downloaded it from the repos is due to it
> being on version 0.4.0 and the most up to date version is on 0.6.3.Could
> someone help me out
What specific feature do you need that 0.4.0 doesn't have? If you really
need something in the latest version that is missing from 0.4.0 then it
might be worth upgrading and we can walk you through it. If you just
want it because it's new then you should just stick with the stable
version in the repos. If you upgrade for no reason, then either (a) you
won't be able to tell the difference between the two versions or (b) the
new version will introduce new bugs.
hello,
you can try shorewall, its simple firewall
Em 13/02/2019 00:54, name at domain escreveu:
> Complete Noob here I’m trying to install firewalld on Trisquel from the
> source tar.gz file but I’m not exactly sure how to do so
I don't know what you want to do with firewalld, but I personally use
iptables, which is already installed by Trisquel's default. The note is
that NetworkManager (also installed by default) makes iptables stay in
allow-everything by default. Both iptables and NetworkManager are good
to have, don't uninstall. Instead, configure this one to allow iptables
to coexist while still letting NetworkManager control the connections.
To allow iptables to coexist with NetworkManager, you will need to make
a simple text file in "/etc/NetworkManager/dispatcher.d" whose name
would appear first when sorting alphabetically, I would suggest any name
starting with "01" (a zero and the number 1).
In that file, put something like this (not tested, some tweaks or test
might need to be done):
--cut-here-------------------------------------------------------------
case "$2" in
up) /sbin/iptables-restore -c < /etc/iptables.rules;;
down) /sbin/iptables-save -c > /etc/iptables.rules;;
*) ;;
esac
--cut-here-------------------------------------------------------------
Set the permissions and ownership of simple text file created like this:
--cut-here-------------------------------------------------------------
chmod "u=rwx,g=rx,o=rx" "File"
chown "root:root" "File"
--cut-here-------------------------------------------------------------
Restart the computer and from now on you can use the power of iptables
to do more than what port-based firewalls do, by using a packet
inspection driven rule set.
- Vous devez vous identifier ou créer un compte pour écrire des commentaires