Installing Firewalld on Trisquel

3 replies
Anonnoobsaibot
Offline
Joined: 02/10/2019

Complete noob here. I'm trying to install firewalld on Trisquel from the source tar.gz file, but I'm not exactly sure how to do so: https://github.com/firewalld/firewalld. I'm new to this, and some of this is over my head a bit. The reason I haven't downloaded it from the repos is that it is on version 0.4.0 and the most up-to-date version is 0.6.3. Could someone help me out?

chaosmonk

I am a member!

I am a translator!

Offline
Joined: 07/07/2017

> The reason I haven't downloaded it from the repos is that it is
> on version 0.4.0 and the most up-to-date version is 0.6.3. Could
> someone help me out?

What specific feature do you need that 0.4.0 doesn't have? If you really
need something in the latest version that is missing from 0.4.0 then it
might be worth upgrading and we can walk you through it. If you just
want it because it's new then you should just stick with the stable
version in the repos. If you upgrade for no reason, then either (a) you
won't be able to tell the difference between the two versions or (b) the
new version will introduce new bugs.

cendolrasadelima
Offline
Joined: 02/12/2019

Hello,

You can try shorewall, it's a simple firewall.

ADFENO
Offline
Joined: 12/31/2012

On 13/02/2019 00:54, name at domain wrote:
> Complete noob here. I'm trying to install firewalld on Trisquel from the
> source tar.gz file, but I'm not exactly sure how to do so

I don't know what you want to do with firewalld, but I personally use
iptables, which is already installed by default in Trisquel. The note is
that NetworkManager (also installed by default) makes iptables stay in
allow-everything by default. Both iptables and NetworkManager are good
to have, so don't uninstall them. Instead, configure this one to allow iptables
to coexist while still letting NetworkManager control the connections.

To allow iptables to coexist with NetworkManager, you will need to make
a simple text file in "/etc/NetworkManager/dispatcher.d" whose name
would appear first when sorting alphabetically. I would suggest any name
starting with "01" (a zero and the number 1).

In that file, put something like this (not tested, some tweaks or tests
might need to be done):

--cut-here-------------------------------------------------------------
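#!/bin/sh
# NetworkManager dispatcher script: $1 is the interface, $2 is the action.
case "$2" in
    # Interface came up: load the saved rules, including packet/byte counters.
    up) /sbin/iptables-restore -c < /etc/iptables.rules;;
    # Interface went down: save the current rules and counters.
    down) /sbin/iptables-save -c > /etc/iptables.rules;;
    *) ;;
esac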
--cut-here-------------------------------------------------------------

Set the permissions and ownership of the simple text file you created like this:

--cut-here-------------------------------------------------------------
chmod "u=rwx,g=rx,o=rx" "File"
chown "root:root" "File"
--cut-here-------------------------------------------------------------

Restart the computer and from now on you can use the power of iptables
to do more than what port-based firewalls do, by using a packet
inspection driven rule set.
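
A pre-reboot check for the setup described in the post above, as an added example that is not part of the original post. It assumes GNU stat and relies on NetworkManager's documented requirement that dispatcher scripts be root-owned, not writable by group or others, and not setuid; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Assumes GNU stat from coreutils.

# check_dispatcher_script FILE [OWNER_UID]
# Succeeds if FILE is a regular file owned by OWNER_UID (default 0 = root),
# executable by its owner, not writable by group/others, and not setuid.
check_dispatcher_script() {
    file=$1
    want_uid=${2:-0}
    [ -f "$file" ] || { echo "$file: not a regular file" >&2; return 1; }
    uid=$(stat -c '%u' "$file") || return 1
    mode=$(stat -c '%a' "$file") || return 1
    [ "$uid" = "$want_uid" ] ||
        { echo "$file: owner uid is $uid, expected $want_uid" >&2; return 1; }
    # Octal masks: 0100 owner-execute, 0022 group/other-write, 04000 setuid.
    [ $(( 0$mode & 0100 )) -ne 0 ] ||
        { echo "$file: not executable by owner (mode $mode)" >&2; return 1; }
    [ $(( 0$mode & 0022 )) -eq 0 ] ||
        { echo "$file: writable by group or others (mode $mode)" >&2; return 1; }
    [ $(( 0$mode & 04000 )) -eq 0 ] ||
        { echo "$file: setuid bit set (mode $mode)" >&2; return 1; }
    return 0
}

# check_rules_file FILE
# Succeeds if FILE looks like iptables-save output: non-empty, with at least
# one "*table" header and a COMMIT line. The "up" branch of the dispatcher
# script has nothing to restore until such a file exists.
check_rules_file() {
    rules=$1
    [ -s "$rules" ] || { echo "$rules: missing or empty" >&2; return 1; }
    grep -q '^\*' "$rules" ||
        { echo "$rules: no table header line" >&2; return 1; }
    grep -qx 'COMMIT' "$rules" ||
        { echo "$rules: no COMMIT line" >&2; return 1; }
    return 0
}

# Command-line use: sh check.sh DISPATCHER_SCRIPT RULES_FILE
if [ $# -eq 2 ]; then
    check_dispatcher_script "$1" && check_rules_file "$2"
    exit $?
fi
```

Run it with the dispatcher file and /etc/iptables.rules as arguments; a non-zero exit status means one of the checks failed and the reason is printed to standard error.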