Noobie question -- Firestarter
Jeffrey F. Bloss
jbloss at tampabay.rr.com
Sun Jan 20 22:08:41 UTC 2008
Mario Vukelic wrote:
>
> On Sun, 2008-01-20 at 19:45 +0000, andy baxter wrote:
> > unless a script in
> > /etc/init.d specifically re-creates them.
>
> And firestarter installs these files that do just that:
But does it actually *work*? ;)
My experience with Firestarter (dated by about a year now so buyer
beware) is that something is "missing" somewhere. To have your netfilter
rules installed at boot time rather then when a user logs in you need
to either sort out Firestarter's convoluted chain of shell scripts and
create more symlinks, or use the GUI just as a management tool and
install a standard iptables script in /etc/init.d so that you can "save"
and "restore" rules properly as etc/default/iptables-rules.
Again, the last time I messed with Firestarter was probably better than
a year ago, but at that time it installed all the "necessary files" and
still wouldn't load rule sets at boot time. That certainly could have
changed. They way to test it is to log into a Ctrl-Alt-F1 console before
logging into the GUI and running a 'sudo iptables --list'. If you don't
see something considerably more involved than the iptables default
3-chain "ACCEPT" policy, you're probably not loading your custom rule
set at boot time.
--
\|/ Outside of a dog, a book is a man's best friend.
(o O) Inside of a dog, it's too dark to read.
-oOO-(_)-OOo-------------------------------[ Groucho Marx ]---
http://wrench.homelinux.net/~jeff/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20080120/06ae3495/attachment.sig>
More information about the ubuntu-users
mailing list