I'm trying to set up a very simple FireHOL configuration on a brand new Debian 7 server. I only installed ssh and sudo before this.
Installed FireHOL with:
sudo apt-get install firehol
Changed the config in /etc/firehol/firehol.conf to:
#!/sbin/firehol
version 5
interface eth0 y1
policy drop
server ICMP accept
server ssh accept
client all accept
And after I enter
firehol try
the ssh session was frozen for 30 seconds (lucky me, I asked to try only) and there's this output:
IMPORTANT WARNING:
------------------
FireHOL cannot find your current kernel configuration.
Please, either compile your kernel with /proc/config, or make sure there is a valid kernel config in:
/usr/src/linux/.config

Because of this, FireHOL will simply attempt to load all kernel modules for the services used, without being able to detect failures.

FireHOL: Saving your old firewall to a temporary file: OK
FireHOL: Processing file /etc/firehol/firehol.conf: OK
FireHOL: Activating new firewall (53 rules):

--------------------------------------------------------------------------------
WARNING : This might or might not affect the operation of your firewall.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/modprobe ip_conntrack_irc -q
OUTPUT :

--------------------------------------------------------------------------------
WARNING : This might or might not affect the operation of your firewall.
WHAT : A runtime command failed to execute (returned error 1).
SOURCE : line FIN of /etc/firehol/firehol.conf
COMMAND : /sbin/modprobe ip_conntrack_ftp -q
OUTPUT :

I installed FireHOL on another very similar server and never got an issue.