What is wrong with firestarter?
Derek Broughton
news at pointerstop.ca
Fri Aug 29 16:14:40 UTC 2008
Knapp wrote:
> On Fri, Aug 29, 2008 at 12:49 PM, Carlos Alberto Alves
> <drcaa at predialnet.com.br> wrote:
>> Derek Broughton wrote:
>>> Carl Friis-Hansen wrote:
>>>
>>>> Johnny Rosenberg wrote:
>>>>> Is it correct that, if I just want to configure my firewall once and
>>>>> for all, I could just install Firestarter (or one of the
>>>>> alternatives), do my settings and, if my settings are good, uninstall
>>>>> Firestarter (or the alternative) and never have to use it again,
>>>>> unless I have to change my settings?
>>>> In a way yes. However, when you uninstall firestarter you would
>>>> normally also remove the scripts /etc/init.d/firestarter and
>>>> /etc/firestarter/firestarter.sh which sets up the package filtering at
>>>> boot time.
>>>
>>> You can however, you "iptables-save" before uninstalling firestarter or
>>> other gui (it might even use it, itself), remove the firewall gui, then
>>> setup an initscript to run iptables-restore at every boot.
>>
>> Guarddog can do this without being run every boot.
>> ;-)
>
> Can it tell you what ports are being hit?
I used to use Guarddog, and one of the infuriating things was that it made
it difficult to see what ports you were trying to safeguard at all.
Everything is addressed by "application" - and if your application uses
non-standard ports, it gets even more confusing.
I actually liked it - I just found I had to write too many special rules for
too many non-standard ports.
--
derek
More information about the ubuntu-users
mailing list