| View previous topic :: View next topic |
| Author |
Message |
marrowhk
Apprentice
Joined: 25 Jul 2007
Posts: 250
|
 Posted: Sun Dec 16, 2007 9:39 am Post subject: Shorewall and Webmin 1.380 setup |
 |
|
HOWTO: Setup shorewall and control it with webmin 1.38
===========================================
webmin 1.38 contains the shorewall module by default (portage uses webmin-1.37.x)
What we'll be doing:
Emerging shorewall and setting up the firewall then emerging webmin-1.380 and fine tuning shorewall via webmin
===========================================
FIREWALL
1. #emerge shorewall shorewall-common shorewall-shell shorewall-perl
2. edit your shorewall setup
###MYSHOREWALL SETUP###
[ INTERNET --> ISP-BROADBAND-MODEM --> ROUTER --> PC ]
/etc/shorewall/zones
| Code: | fw firewall
net ipv4 |
/etc/shorewall/interfaces
| Code: | | net eth0 detect routefilter,logmartians,nosmurfs,tcpflags,blacklist |
/etc/shorewall/policy
| Code: | $FW net ACCEPT
net all DROP info
all all DROP info |
/etc/shorewall/shorewall.conf
| Code: | | STARTUP_ENABLED=Yes |
3. Check shorewall configuration and start up.
| Code: | #shorewall check
#eselect rc add shorewall default
#eselect rc start shorewall |
WEBMIN
4. Create overlay for webmin, edit the ebuild and emerge webmin
| Code: | # mkdir /usr/local/portage/app-admin
# cp -Rf /usr/portage/app-admin/webmin /usr/local/portage/app-admin
# cd /usr/local/portage/app-admin/webmin
# cp webmin-1.370-r1.ebuild webmin-1.380.ebuild
# nano -w webmin-1.380.ebuild (SEE THE CHANGES BELOW)
# ebuild webmin-1.380.ebuild digest |
EBUILD CHANGES: change the ebuild header and comment-out the postfix patch
| Code: | # $Header: /var/cvsroot/gentoo-x86/app-admin/webmin/webmin-1.380.ebuild $
# epatch "${FILESDIR}"/${PN}-1.300-postfix.patch |
5. #emerge webmin
| Code: | #eselect rc add webmin default
#eselect rc start webmin |
6. Change default webmin password
| Code: | | #/usr/libexec/webmin/changepass.pl /etc/webmin root XXXX |
7. Login to webmin (login and password = root : XXXX)
8. Checkout the shorewall settings
After logging in go to Networking / Shoreline Firewall and the fun starts!
===============================================
 I love the new webmin set-up pf 1.38, it's a massive step up from 1.37. Hope this is helpful until portage ups to 1.38. 
===============================================
_________________
You'll always come back to GENTOOOOOOO ! (Trust me...) |
|
| Back to top |
|
 |
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Documentation, Tips & Tricks
