Firewall software for Linux?

I am looking for software firewall for Mandriva (Mandrake LInux) that will
allow me to easily configure port forwarding to allow gaming on my LAN,
etc. I have Guarddog, but when attempting to configure (open) specific
ports, it only lets me do one port number (e.g. 7787) at a time; I need to
configure a software firewall to allow a range of ports (e.g Unreal
Tournament requires 27900 to 28902 (notice this is 1,002 ports, not 2) TCP
and 7777 to 7787 UDP to be open. Any such open source software firewalls
for this? I do have a router (Linksys) firewall set up with hardened wifi
encryption, MAC filtering, Gaming port forwarding specified; do I even need
a software firewall since I have my router firewall in place?

On Fri, 01 Jul 2005 15:00:09 -0500, Protagoras wrote:
> I am looking for software firewall for Mandriva (Mandrake LInux) that will
> allow me to easily configure port forwarding to allow gaming on my LAN,
> etc.

I used the out of the box Mandriva firewall Shorewall.

Using webmin will let you use a gui interface to edit the files found
in /etc/shorewall if you use https:localhost:1000 in your browser
to connect to the webmin server.

Looking at http://www.shorewall.net/Documentation_Index.html there is
a link for Port Ranges in chapter 9.

Protagoras <protagoras@miworld.net> writes:

>I am looking for software firewall for Mandriva (Mandrake LInux) that will
>allow me to easily configure port forwarding to allow gaming on my LAN,
>etc. I have Guarddog, but when attempting to configure (open) specific
>ports, it only lets me do one port number (e.g. 7787) at a time; I need to
>configure a software firewall to allow a range of ports (e.g Unreal
>Tournament requires 27900 to 28902 (notice this is 1,002 ports, not 2) TCP
>and 7777 to 7787 UDP to be open. Any such open source software firewalls
>for this? I do have a router (Linksys) firewall set up with hardened wifi
>encryption, MAC filtering, Gaming port forwarding specified; do I even need
>a software firewall since I have my router firewall in place?

Mandrake comes with shorewall.
In /etc/shorewall/rules
# DEST PORT(S) Destination Ports. A comma-separated list of Port
# names (from /etc/services), port numbers or port
# ranges; if the protocol is "icmp", this column is
# interpreted as the destination icmp-type(s).
#
# A port range is expressed as <low port>:<high
# port>.

So it looks like it will do what you want.

On 2005-07-01, Protagoras <protagoras@miworld.net> wrote:

> I am looking for software firewall for Mandriva (Mandrake LInux) that will
> allow me to easily configure port forwarding to allow gaming on my LAN,
> etc. I have Guarddog, but when attempting to configure (open) specific
> ports, it only lets me do one port number (e.g. 7787) at a time; I need to
> configure a software firewall to allow a range of ports (e.g Unreal
> Tournament requires 27900 to 28902 (notice this is 1,002 ports, not 2) TCP
> and 7777 to 7787 UDP to be open. Any such open source software firewalls
> for this?

Linux has had the iptables packet filter since kernel 2.4.x (ipchains in
earlier kernels). There are several gui front-ends to iptables, but I've
never used then -- it's pretty straightforward. "man iptables"


> I do have a router (Linksys) firewall set up with hardened wifi
> encryption, MAC filtering, Gaming port forwarding specified; do I even need
> a software firewall since I have my router firewall in place?

Not unless your linux machine is sitting in between your gaming machine
and the router. But depending on your router firewall, you may find
iptables to be more versatile.

--

-John (john@os2.dhs.org)