Firestarter

Jeffrey F. Bloss jbloss at tampabay.rr.com
Sun Jan 7 02:42:16 UTC 2007


Garry Knight wrote:

> Marco Mandl wrote:
> 
> > after a reboot the iptables are cleared again despite
> > firestarter is called according to sysv-rc-conf.
> 
> You cuold look through /etc/rc2.d to see if any other firewall
> scripts are being run at boot.

I have the exact same "problem" as the OP on my laptop. Firestarter
fails to load if I'm not logged in (no network up). That's even if I
CTRL+ALT+F1 and try to start it as root, without first logging in to my
user account and connecting to *some* network. Gives me the bright red
[FAILED] raspberries.

I haven't investigated it too much for a number of reasons which add up
to me not needing full time firewalling on my laptop. I do remember
seeing an FAQ somewhere that suggested solving the problem by adding
'<user name> ALL=NOPASSWD: /usr/sbin/firestarter' to sudoers so you
can fire it without entering a password, then adding firestarter to your
userland startup. That way it should be automagically active as soon as
you log in. Check paths, <user name> is your user/login name, blah blah
blah... and as far as I'm concerned this is an unacceptable breach of
security. Again, YMMV.

The only other option I'm aware of is to forget about Firestarter, dig
up a good ol' rc.d init script for iptables and start your firewall the
"old fashioned" way. Set up your rules, save them, adjust the init
script accordingly if necessary, and create the proper links in your
rc*.d run level directories.

If you do it this way you'll have your condom on 100% of the time,
and you should still be able to use Firestarter to administer and
monitor things. Not to mention setting up your initial firewall rules.

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
    grok!              Registered Linux user #402208
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070106/cfacdc86/attachment.pgp>


More information about the ubuntu-users mailing list