fwsnort won't apply rules in iptables

I'm using Debian 8, and I want to update fwsnort rules through this command:

fwsnort --update-rules

However, after downloading 9.4 MB of rules into the file '/etc/fwsnort/snort_rules/emerging-all.rules', it fails to apply the rules to iptables with this command:

fwsnort --ipt-apply

and gives the error:

[+] Splicing fwsnort 11312 rules into the iptables policy...
iptables-restore v1.4.21: invalid port/service '[6789]' specified
Error occurred at line: 11131
Try `iptables-restore -h' or 'iptables-restore --help' for more information.

and even when I try to restore all rules from emerging-all.rules directly into iptables with this command:

iptables-restore < /etc/fwsnort/snort_rules/emerging-all.rules

it gives this output:

iptables-restore: line 53 failed

What's the problem with fwsnort?

Brian SP

Posted 2017-03-16T12:23:31.647

Reputation: 13

Answers

The reason is a small but severe bug in fwsnort (present even in the current upstream version 1.6.6), which causes one of the rules (at least in the rules as currently online) to produce a syntax error. This only happens if a single port is specified in brackets in a Snort rule, as fwsnort only removes the brackets if more than one port is specified.

This patch applied to the Debian package (currently only in Debian Unstable) fixes this issue.

I also submitted the patch I used to fix the issue in Debian as a pull request upstream. Upstream reacted promptly and released fwsnort 1.6.7 with that fix.

Axel Beckert

Posted 2017-03-16T12:23:31.647

Reputation: 514

Thanks for the details. What's wrong with Debian? First SELinux and then fwsnort. I think not having a firewall would not be wise on Linux; would you suggest a firewall for Debian 8 and CentOS 7, please? – Brian SP – 2017-05-07T18:11:04.003

No idea what you mean by "what's wrong with Debian?". fwsnort did not break only in Debian but upstream, and hence in all distributions. Debian is the distribution which brought up the fix. And IMHO at least SELinux is not a firewall. (Not sure if fwsnort could be called a firewall.) Regarding firewalls: IMHO there's usually no need for a firewall. Just keeping your system up-to-date with security updates and configuring access to services provided by the system properly (in the server application) usually suffices far more than hiding problems behind blocking access on the network side. – Axel Beckert – 2017-05-07T20:05:21.510

Again, thanks for explaining firewalls and clearing this up, because I was blaming Debian :) And my apologies for giving wrong info about SELinux; I had a problem installing it on my system, it's solved now, nothing wrong with its package. – Brian SP – 2017-05-08T07:52:21.960