Monday, November 5, 2012

Linux Firewall Won't Play Fair

Perhaps one day, my Linux will get a firewall. For now, I can't make heads or tails of the Linux firewall. If I enable it and deny incoming, then no matter what exceptions I make for 192.168.0.0 to 192.168.255.255, that box is OFF the network. I might as well cut the ethernet cable with a pair of scissors.

Three hours down the drain tonight trying to get the firewall working. I watched a video, read three tutorials and twenty forum messages--nothing availed.

Will I recommend Linux to anybody? Yes, people I don't like.

The regrettable truth, and I don't like saying it, is that folks would be better off paying $1000 for a single copy of Windows XP 32-bit. What's that? Windows XP only costs $100 on eBay? What a bargain. Buy it now.

Update: I finally got the firewall working right(er) at 05:21, after picking up a subtle clue on a stray tutorial somewhere out there in Internet land. Turns out the other tutorials, forum messages, YouTube video, et al. were all wrong about how to whitelist IP ranges. The From...To thing doesn't work for me. I tried it six ways to Sunday. Seems broken. What does work is adding one single exception to allow Incoming. I found that whitelisting 127.0.1.0/24 in the "From" field--and leaving the To field blank--does the trick. That single line was ALL that was needed to permit local network shares to continue functioning. Period.

Now I'm going to work on whitelisting the outgoing connections. Nah, scratch that. Save it for tomorrow. 05:43, you know, it's time for me to get some shut-eye.

I felt a little guilty about all the bellyaching I've been doing in my blog about Linux Networking until I read some asides from experienced Linux gurus that basically said they just about yanked their router out of the wall and threw it out the window. I think frustration is fairly widespread. Of course, the truth is I did have trouble configuring Windows networking, too. Not as much trouble by about five to one, but I did have some difficulty. The thing with Windows is it's all graphical and options are quite limited (protecting the user from himself) and the documentation available on the Internet is comprehensive, even without Microsoft, and I've never used Microsoft technical support in all my days.

Once you get Linux working, there's a sense of "Oh, wow, this is neat!" and a feeling of remorse ensues. Now why did I ever, ever doubt my darling, free, lovely Linux? How could I be so fickle? So...disloyal, when Linux has done everything for me? Yeah, I do feel pangs of conscience, which is weird, I know.

When it works, it's the greatest thing since sliced bread. When it doesn't, if you can't figure it out after many long hours of trying, then you want to throw it out the window. That's the cardinal truth about computers, doesn't matter if it's Linux or anything else.

I guess I'm just relieved that Linux is logical after all, that I finally proved that it is a system based upon rules that I can actually understand if I just deduce what those rules are in the first place. Unfortunately, documentation is lacking, to put it mildly, which is why I spent 99% of my time researching on the Internet and only 1% actually doing something. There are secrets hidden away that you can never discover in a million years unless you read the secret straight from the hand of an experienced guru.

Update2: I've since revised my firewall rule to allow 192.168.1.1/24 instead because that seems to be more or less what everybody else is doing, and with my ignorance, they're probably right and I'm probably wrong. Not really sure but it's working with that so I'll keep it. Had to give up on trying to configure firewall rules for outgoing. Seems like a bear, and I don't know whether it is strictly necessary.

In my opinion, Linux security has to be taken with a grain of salt, because 90% of all users are going to disable the settings just like me because they are frankly incomprehensible gobbledygook. So Windows has the security advantage I think of the two operating systems. I'm sure for the Linux guru the security can become nigh invulnerable, but for the rest of us, we are going to do everything we can to disable security, because otherwise nothing works right on a network.
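
Added example (not part of the original post): a Python sketch using the standard `ipaddress` module to check what a firewall "From" value actually covers, applied to the address ranges mentioned in the updates above. The sample host addresses are constructed for illustration and are assumptions, not values from the post.

```python
import ipaddress

def describe_source(spec):
    """Normalize a firewall 'From' value and report what it covers."""
    # strict=False accepts a value with host bits set, e.g. 192.168.1.1/24
    net = ipaddress.ip_network(spec, strict=False)
    return {
        "network": str(net),           # canonical form of the rule's source
        "first": str(net[0]),
        "last": str(net[-1]),
        "addresses": net.num_addresses,
        "loopback": net.is_loopback,   # True means traffic from the LAN never matches
    }

def range_to_cidrs(first, last):
    """Express a From...To address range as the smallest list of CIDR blocks."""
    nets = ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last))
    return [str(n) for n in nets]

def covered(spec, hosts):
    """Map each host address to whether the rule's source network contains it."""
    net = ipaddress.ip_network(spec, strict=False)
    return {h: ipaddress.ip_address(h) in net for h in hosts}

# Constructed sample LAN peers (assumptions, not taken from the post)
SAMPLE_HOSTS = ["192.168.1.20", "192.168.0.15", "192.168.2.7"]

if __name__ == "__main__":
    for spec in ("127.0.1.0/24", "192.168.1.1/24"):
        print(spec, describe_source(spec))
        print("  matches:", covered(spec, SAMPLE_HOSTS))
    # The From...To range from the first paragraph, as CIDR notation
    print(range_to_cidrs("192.168.0.0", "192.168.255.255"))
```

Running the same check against the addresses of the machines that need to reach the shares shows whether an allow rule is narrower or wider than intended before it goes into the firewall.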
by igor 04:20 4 replies by igor 09:32 0 comments


techlorebyigor is my personal journal for ideas & opinions