Guarddog 2.0 Testing

"If you are not paranoid then you don't realise the situation."

Simonzone Software Menu
Guarddog - Firewall utility
Guidedog - Network utility
Watchdog - Real time monitor


The usual Open Source approach to testing involves releasing "beta" or "Release Candidate" versions of a piece of software and then allowing people to try it out and report any problems they encounter. Unfortuately this means that any features that are not used by the users are assumed to be in a state acceptable for release. This is may be acceptable for most software, but for security software it is not. We must assume the worst until proven otherwise. This means assuming that Guarddog's protocol support is insecure until proven secure.

Unfortunately I don't have access to all of the different software or the time to test every protocol myself. But you can help by following the instructions on this page and sending me your results. By putting together information from user reports I hope to determine which protocols people are successfully using and which ones need fixing. I'll also tabulate results and update the protocol testing table (the "scoreboard") that appears lower on this page.

By helping test Guarddog your are helping create a safer and more secure internet, not just for Guarddog users but also for all internet users. Thanks in advance. - SBE

How to Test Guarddog's Protocols


The best way to test a protocol in Guarddog is to turn the one you are interested in on, turn the "Domain Name System" (DNS) protocol on too, and then all the rest off, and then see if you can still use that protocol on your network. For example, if you want to test HTTP (used on the WWW) you would turn of all the other protocols, and then turn on HTTP and DNS. Apply those changes and then go to your browser and see if you can still browse web sites. Then email the results in to me.

Detailed steps are below.

Clear your firewall

If you are already using Guarddog right now for your firewall and you don't want to lose your current configuration, then go to the Advanced tab and click "Export". Now save your configuration somewhere in your home directory. Now you can click on "Restore to factory defaults...".

Turn on the target protocol

Go to the Protocal tab and enable the protocol you want to test. It's probably a good idea to enable the DNS protocol too. Now "Apply" your changes.

Take it for a test drive

Try out your selected protocal and see if it still works. For example, if you are testing HTTP try using your web browser to access a few sites.

What to do when it doesn't work

Hopefully you can still use the selected protocol with your computer just the way before you installed Guarddog. But testing wouldn't be testing unless we suspected that there was a chance that things would fail. If you think that Guarddog might be at fault then go to the "Advanced" tab and click on "Disable firewall", "Apply" the changes and then see if your protocol now works. If it doesn't, then chances are that Guarddog is not to blame. :-) Otherwise, enable the Guarddog firewall again and "Apply" it and test again to be sure. If it is still not working try:

If it is still not working then you can consult the system's error logs to find out is happening.

Watching the error log

The error logs on your computer will (should!) record when packets on your network are blocked by Guarddog.

Blocked packets recorded in your error log typically look like this:

Jan 13 14:48:47 localhost kernel: DROPPED IN= OUT=ppp0 SRC= DST= LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=TCP SPT=1313 DPT=80 SEQ=2188445252 ACK=694258979 WINDOW=63712 RES=0x00 ACK PSH FIN URGP=0 OPT (0101080A0004FADD0C3D9687)

You should also see entries in your system log when the Guarddog firewall is updated (i.e. clicking "Apply" on the GUI) or a network interface becomes available (i.e. you connect to your ISP). The messages will look something like this:

Jan 13 14:48:51 localhost guarddog: Configuring iptables firewall now.
Jan 13 14:48:52 localhost guarddog: Finished configuring firewall

Now, make sure that you are running the tail command to watch the logs. Try using the protocol again. If packet logs start appearing in the error log then chances are that it is being generated by Guarddog blocking packets. Time to send in your discovery.

Just a note. if you are testing on a private network (which is recommended) it is best to try to stop all traffic on the network so as to avoid unwanted 'noise' from appearing in the logs.

Send in your Results

When you having finished testing, email in what you have discovered along with the following information:

Sent it on to me at simon@simonzone.com. Thanks for you help!

A Tip for Advanced Users

If you are familiar with network protocols and suspect that a protocol is not working properly you can turn on the "Advanced Protocol Help" checkbox on the Advanced tab. Now go back to the Protocol tab and click on the protocol you want more info about. The infomation is shown on the right side of the window, along with a description of what network connections Guarddog thinks the protocol needs to operate.


Below is the "testing scoreboard" showing what is known about each protocol and it's support in the current Guarddog development version. There are many gaps in the table right now, but these will be filled in as I update it with my own testing and what I hear from you people, the users.

 1 = Well tested and in common use.
 2 = Tested.
 3 = Smoke tested. (Appears to work ok).
 4 = No complaints. (Has been available for a while, but nothing reported)
 = Unknown.

ProtocolStatusLast updateNotes
AudioGalaxy - Music Sharing
21 Mar 2002 Reported to work with Audiogalaxy on Windows 2000
Corba RPC system  17 Jan 2002
BigPond Cable  21 Feb 2002 Heartbeat used on Telstra's BigPond Cable in Australia
14 Jun 2002
Diablo II  17 Jan 2002
Direct Play Gaming  17 Jan 2002
DNS - Domain Name Server
17 Jan 2002
Finger  17 Jan 2002
FTP - File Transfer Protocol
14 Jun 2002 In common use, and reported to work using Windows based clients as well as Linux ones.
Gnutella - File Sharing Network
21 Mar 2002 Reportedly works fine for Windows2000 w/Gnucleus, Mandrake 8.1 w/gtk-gnutella and Mandrake 8.2(RC1) w/gtk-gnutella
21 Feb 2002
HTTP - World Wide Web
21 Mar 2002 In common use, and now reported to work on many different clients on Linux and Windows.
HTTPS - World Wide Web over SSL
17 Jan 2002 In common use, but not tested using non-linux clients.
ICMP Redirect  17 Jan 2002
ICMP Source Quench  17 Jan 2002
ICQ chat
14 Mar 2002
14 Mar 2002 I personally only use this one just to reject it to speed up POP3.
IMAP - Internet Message Access Protocol
14 Jun 2002
IMAPS - IMAP over SSL  1 Apr 2002
IPP - Internet Printing Protocol  17 Jan 2002
IRC - Internet Relay Chat
14 Mar 2002 Possible problems when using DCC.
ISAKMP  1 Apr 2002
Kerberos  1 Apr 2002
klogin  1 Apr 2002
kshell  1 Apr 2002
LDAP - Lightweight Directory Access Protocol  17 Jan 2002
LDAP SSL - LDAP over Secure Socket Layer  17 Jan 2002
Line Printer Spooler  17 Jan 2002
Linuxconf Linux Web based Administration  17 Jan 2002
MSN Messenger  14 Mar 2002
Microsoft SMB over TCP  17 Jan 2002
MySQL database server  17 Jan 2002
Nessus Security Scanner
3 Feb 2002 Client only. Using nessesd to scan through the firewalled machine is not supported.
NetMeeting - H.323 chat  17 Jan 2002
Network File System - Sun Microsystems
17 Jan 2002 Tested using Linux servers/clients only so far.
NIS - Network Information Service  1 Apr 2002
NNTP - Network News Transfer Protocol
14 Mar 2002
NTP - Network Time Protocol
14 Jun 2002
pcANYWHEREstat  17 Jan 2002
31 Mar 2002
POP2 - Post Office Protocol version 2  17 Jan 2002
POP3 - Post Office Protocol version 3
17 Jan 2002
POP3S - POP3 over SSL  1 Apr 2002
PostgreSQL database server  17 Jan 2002
PowWow chat  17 Jan 2002
PPTP - Point-to-Point Tunneling Protocol  14 Mar 2002
Quake 2  17 Jan 2002
Quake  17 Jan 2002
QuakeWorld  17 Jan 2002
Real Audio  17 Jan 2002
SMTP - Simple Mail Transfer Protocol
17 Jan 2002
SNMP - Simple Network Management Protocol  17 Jan 2002
Socks Application Proxy  17 Jan 2002
Squid HTTP proxy
21 Mar 2002
SSH Remote Login Protocol
17 Jan 2002
SUN Remote Procedure Call
14 Mar 2002 NFS uses this, it probably works better than what I've shown here.
SWAT - Samba Web Administration Tool
17 Jan 2002
syslog - System Logging  17 Jan 2002
14 Jun 2002
Traceroute as implemented by Van Jacobson
31 March 2002 Traceroute MTR v0.45 on Linux appears to work fine.
VNC - Virtual Network Computing
27 Jun 2002
Webmin web-based administration for Unix systems  17 Jan 2002
Who Is
14 Jun 2002
Windows Networking (NETBIOS)
3 Feb 2002
X Display Manager Control Protocol
21 Mar 2002
X Window System
14 Mar 2002