Guard Dog not effective on services startup

Somebody on a NG (probably here) suggested Guarddog as a simple
interface to iptables.  I have been using it for a few months, and am
pleased with its simplicity.  However, there is part of its behavior
that I don't understand.

For security reasons, I do not start all services at boot.  However, I
have observed that when I start services ad hoc, iptables is blocking
access to them.  The resolution is to open Guarddog and click on the
Apply button *without changing any of the settings*.  As soon as I do
that (and accept the warning), everything connects perfectly.

This happens on both local and internet protocols.  For example, http
and https are enabled on the Internet and local protocol panels, but
when I start Apache, nobody can connect until I click the Guarddog Apply
button.  ssh is only authorized on the Local panel, but again, when I
start sshd, no local machines can connect until I click the Apply button.

Is this "working as intended", or do I have some configuration to change?



Re: Guard Dog not effective on services startup

If memory serves:

I think there was a buggy release of Guarddog some time ago, and the
problem was that it didn't save changed iptables settings in a proper
way, so they only worked until the next boot.

If this is your problem I am a little surprised, as I think that release
happened more than a year ago.

I don't use Guarddog now so I am not familiar with its current status.


                                   "Problems worthy of attack
                                    prove their worth by hitting back"
                                                            Piet Hein

Re: Guard Dog not effective on services startup

JimR wrote:

Guarddog doesn't do anything in the /etc/init.d/iptables script; instead it
creates an /etc/init.d/guarddog script, so start your firewall with
/etc/init.d/guarddog start|restart|whatever
(my path may be a little different from yours)
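
A way to check the symptom described in this thread, as an added example that is not part of any post: the Python below parses `iptables-save` output and lists the services for which no ACCEPT rule is currently loaded, so the result can be compared before and after clicking Apply or running the Guarddog init script. The sample ruleset, the service list and all function names are constructed for illustration; the check is a heuristic that assumes numeric ports and ignores interface or source restrictions and whether a chain is actually reachable.

```python
import shlex

# Constructed sample in iptables-save format; not captured from a Guarddog host.
SAMPLE_RULESET = """\
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,8000:8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j DROP
COMMIT
"""

def covers(spec, port):
    """True if a numeric --dport/--dports value ('80', '8000:8080', '22,80') includes port."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        low = int(lo) if lo else 0
        high = int(hi) if hi else (65535 if sep else low)
        if low <= port <= high:
            return True
    return False

def accept_rules_for(ruleset, port, proto="tcp"):
    """Return filter-table rules (any chain) that ACCEPT proto traffic to port."""
    hits, table = [], None
    for line in ruleset.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        if table != "filter" or not line.startswith("-A "):
            continue
        tok = shlex.split(line)
        # flag -> (value, negated); a "!" before the flag inverts the match
        opt = {t: (tok[i + 1], i > 0 and tok[i - 1] == "!")
               for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        dport = opt.get("--dport") or opt.get("--dports")
        if (opt.get("-j", ("",))[0] == "ACCEPT" and opt.get("-p") == (proto, False)
                and dport and not dport[1] and covers(dport[0], port)):
            hits.append(line)
    return hits

def blocked_services(ruleset, services):
    """services maps name -> TCP port; return names with no ACCEPT rule loaded."""
    return sorted(n for n, p in services.items() if not accept_rules_for(ruleset, p))

if __name__ == "__main__":
    # On a live host, feed in the output of `iptables-save` (root) instead.
    print(blocked_services(SAMPLE_RULESET, {"ssh": 22, "http": 80, "https": 443}))
```

If a service enabled in Guarddog shows up as blocked right after boot but not after Apply, the rules loaded at boot are not the ones Guarddog generated.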

