Firestarter/firewall

[Christian Bjälevik]

John Richard Moser wrote:
> Someone recommended firestarter.  This is nice, it has its own init
> script (I'd rather it just read from iptables and let a centralized init
> script deal with it), it has a nice UI.  I like it, somewhat.
> 
> Problem is it blocks everything.  I turn on NAT and it does that now;
> but it also blocks my LAN from SSHing into the machine.  It also broke
> (irreparably apparently) IRC conn tracking, i.e. I no longer can DCC
> files.  In general, it broke things.  A net loss.
You can allow stuff from with-in the gui. Dunno about conntrack, haven't 
looked into that myself.

> It's nice, it might be nice for main one day, but it does break things.
>  It also can't seem to start up the dhcp server (even after installing
> the dhcp server), so blah.
Shouldn't that daemon start on boot? Did for me last time I used the 
package anyway.

> Ubuntu still needs something to bring up firewall at boot.  People claim
> ubuntu needs no firewall, but somehow, some way, home users need to set
> up "internet connection sharing" in many situations.  This requires
> iptables to be restored at boot, preferably without everyone in the
> world calling the local hacker (i.e. me) to write their scripts.
I like firestarter when I'm on a machine with GUI :-). In the other case 
I got my self-made iptables.sh and update-rc.d.

Sincererly
-- 
Christian     .-.    Bjälevik
Eskilstuna    /v\    [SWEDEN]
ICQ UIN      // \\   60036598
Linux User  /(   )\  [344682]
GPG Key ID   ^^-^^   356FE771