Installing Arno Iptables in OpenSuse linux 42.1

Iptables needs root privileges to work and should be executed by user root. Iptables is a rule-set driven application that is pre-packaged and pre-compiled on most recent Linux distributions for determining routes of incoming and outgoing packets depending on rules criteria. This means unlike old packages that you needed to compile, you don’t have to worry about that now. All things have been done for you, all you need to do is install it. By-default, it runs without any rules or policies, so you have to input rules according to your needs

Arno iptables?

Arno iptables is a multi-homed firewall script with DSL/ADSL support compiled by Arno van Amersfoort. It is a free software and is distributed GNU General Public License agreement. It is a secure stateful filtering firewall that supports Masquerading (NAT) and SNAT. It is a comfortable tool for Sys Admins where 1000s of different rules should be written for the most secure server. It is also written with an interactive wizard interface.

issue the following command to your Linux to download arno iptables.

sudo wget http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/arno-iptables-firewall_2.0.1f.tar.gz

It will download the latest source code for a stable release

Now extract the files from the tar archive

sudo tar -zxvf arno-iptables-firewall_2.0.1f.tar.gz

And then install with the command, it will present you with a window  with Yes / No options;

Hit Y to continue

./install.sh

Install_OpenSUSE_arnoiptables

the next prompt will ask you,

“Do you want me to help you setup a basic configuration (Y/n)?”, hit Y.

Configure_OpenSUSE_arnoiptables

Hit Y if you want to automate it at boot time;

ArnoOpenSUSEstep1

Hit Y again for the verbose mode prompt.

For the next prompt

Do you want me to help you setup a basic configuration (Y/n)?“, hit Y.

input  your WAN interface (multiple interfaces should be comma separated)! Enter your WAN and LAN interfaces, normally eth0 for WAN and ethX for LAN.

From here, you will get more questions on, ports to enable, If you want to enable ICMP echo PING, IPV6 and DHCP answer these questions according to your needs. For my case I enable ICMP ping.

If you want to understand the program arno iptables more better, read the manual file.

sudo man man arno-iptables-firewall

arnostep7_1
To view the policy and rules and the status of the firewall, use the next command to check arno iptables.

sudo /etc/init.d/arno-iptables-firewall status

arnostep7_3

You can now successfully build rules and policies using iptables

 

Advertisements

Comments are closed.

%d bloggers like this: