Quote:
How would you redirect logs to a file in FireHOL?
The nice thing about FireHOL is that it has native support for ulogd. After installing the software (aptitude install firehol ulogd) you can enable log redirecting in FireHOL's config file, /etc/default/firehol. Make it look like this:
START_FIREHOL=YES
FIREHOL_LOG_MODE="ULOG"
I used Firestarter before discovering FireHOL+ulogd and the log messages in the console were quite annoying.
So when I found out that enabling ulogd in FireHOL was that easy, it really saved my day.
And the firewall configuration with FireHOL is also not that difficult. There's a command line tool named "firehol-wizard" ("firehol-wizard > /etc/firehol/firehol.conf") that checks your running services and then creates an initial firewall config file for you. If you want to, for example, open port 6881 in order to speed up BitTorrent downloads, you can add something like this to /etc/firehol/firehol.conf:
# Allow BitTorrent server ports
server_bittorrent_ports="tcp/6881"
client_bittorrent_ports=any
server bittorrent accept
client all accept
Then you just restart FireHOL ("/etc/init.d/firehol restart" or simply "/sbin/firehol restart") and you're ready to go.
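
The following is an added example, not part of the original post: a small shell helper that applies the two settings above to /etc/default/firehol idempotently and then reads back the value that will actually take effect. The function names set_default and effective_value are hypothetical, and the helper assumes the defaults file is a shell fragment that the init script sources.

```shell
#!/bin/sh
# Added example: idempotently set KEY=VALUE in a shell-style defaults file
# such as /etc/default/firehol, then verify the value that takes effect.

# set_default KEY VALUE FILE
# Replaces the first assignment of KEY (commented out or not), drops any
# later duplicates, and appends the assignment when KEY is absent.
set_default() {
    key=$1 value=$2 file=$3
    tmp=$(mktemp) || return 1
    awk -v k="$key" -v v="$value" '
        # "KEY=" optionally preceded by blanks and a "#"
        $0 ~ ("^[ \t]*#?[ \t]*" k "=") {
            if (!done) { print k "=" v; done = 1 }
            next
        }
        { print }
        END { if (!done) print k "=" v }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps owner and mode
    rc=$?
    rm -f "$tmp"
    return $rc
}

# effective_value KEY FILE
# Sources FILE in a subshell and prints the resulting value of KEY.
# Sourcing executes the file, so only use this on a trusted, root-owned
# file given by absolute path.
effective_value() {
    ( . "$2" >/dev/null 2>&1; eval "printf '%s\n' \"\${$1-}\"" )
}

# Usage, as root, before restarting FireHOL:
#   set_default START_FIREHOL YES /etc/default/firehol
#   set_default FIREHOL_LOG_MODE '"ULOG"' /etc/default/firehol
#   effective_value FIREHOL_LOG_MODE /etc/default/firehol
```

Running it twice leaves the file unchanged, and a leftover commented-out default does not produce a second, conflicting assignment.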