Firestarter is an excellent GUI system to configure the network. I'm using it on my local LAN and have no problems with the rules.
My main question is that when starting in or returning from X to text mode (I usually start in mode 3), the echo from firestarter is on the screen, making it very difficult to write any command.
I understand the problem comes from the way firestarter itself is configured, as it needs to capture the "net attacks" and display them in its own screen in GUI mode.
But when the GUI is not working (when I'm in text mode), the echo is sent to the screen, flooding my screen.
If I add a "--log-level 7" in the IPTABLES script then no output is captured by firestarter, but I want this in order to see "who" is hacking on my system. Nevertheless this rule is modified automatically by the firestarter program itself when a new rule is added.
Sorry for the long text. But I tried to describe it as well as possible.
You could use a log-file instead. Just append >/my/log/file to the firestarter command.
Alternatively you could redirect the output to another tty (/dev/vc/X).
Just wanted to know if this solved your problems?
I am having the same problem of having floods of UDP pings/probes from my router whenever I am in non-graphical mode (run-level 3).
If it did work, how did you change the firestarter script in /etc/init.d to redirect all the data to a log file or to another tty or even /dev/null?
thanks
I have not tried firestarter, but my guess is that the file is called /etc/init.d/firestarter.
The structure of the file is distribution-dependent, but you should be able to locate a line like source firestarter -options, firestarter -options or start-stop-daemon --start --quiet firestarter. Note that you could experiment a little with start-stop-daemon and the --quiet flag.
A few answers to different questions (including file locations).
Firestarter start script is located in: /etc/rc.d/init.d/firestarter
It meets System V and has the modifiers: start, stop, status and panic.
None of them stops the output to screen.
Note 1: Be careful to call this script and not the binary file in /usr/bin/firestarter
Note 2: Be even more careful not to issue #./firestarter stop
In this last case, you'll not get the output on the screen because you'll not have a firewall at all (all connections allowed).
The output from this file can't be redirected to > /dev/null either, as what will be redirected is the output from the script shell, but not the real output from iptables.
The configuration file is located in /etc/firestarter/firewall.sh
This is the big beast taking care of all iptables controls, including the blocked ports and the allowed ones. I tried to change this file but it seems to be modified by firestarter every time a new rule is set. Nevertheless, a change in this file will block all the output (even the one I like most, the output on the firestarter GUI). I like to see who is attacking me (but only in graphic mode, when no output destroys/floods my console).
I finally got what I believe works. I created 2 scripts that I use when in text mode. One to allow the output, the other to drop. It seems to work. If anyone tries, I'll appreciate comments.
To stop the output: i.e. fire.no.log
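#!/bin/sh
IPT=/sbin/iptables
# Create a new log and drop (LD) convenience chain.
$IPT -N LD 2> /dev/null
# Empty the chain so the rules below replace any earlier ones.
$IPT -F LD
# Log at priority 7 (debug) before dropping.
$IPT -A LD -j LOG --log-level 7
$IPT -A LD -j DROP
STOP=LD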
To enable the output: i.e. fire.do.log
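#!/bin/sh
IPT=/sbin/iptables
# Create a new log and drop (LD) convenience chain.
$IPT -N LD 2> /dev/null
# Empty the chain so the rules below replace any earlier ones.
$IPT -F LD
# No --log-level given, so LOG uses its default priority (warning).
$IPT -A LD -j LOG
$IPT -A LD -j DROP
STOP=LD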
Create these two script files and change their mode to 700. When in text mode launch ./fire.no.log to stop the output on the screen. To enable it again launch ./fire.do.log
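
Added example, not part of the original posts: a small shell check of why the two scripts above behave differently on a text console. The kernel echoes a message to the console only when its priority number is lower than console_loglevel (the first field of /proc/sys/kernel/printk); the function names and the sample printk values below are constructed for illustration.

```shell
#!/bin/sh
# Added example: will an iptables LOG rule at a given --log-level be echoed
# on the text console? The kernel prints a message there only when its
# priority number is LOWER than console_loglevel.

# Map a --log-level value (name or number) to its numeric priority 0..7.
level_to_num() {
    case "$1" in
        emerg)   echo 0 ;;
        alert)   echo 1 ;;
        crit)    echo 2 ;;
        err)     echo 3 ;;
        warning) echo 4 ;;   # default priority of the LOG target
        notice)  echo 5 ;;
        info)    echo 6 ;;
        debug)   echo 7 ;;
        [0-7])   echo "$1" ;;
        *)       return 1 ;;
    esac
}

# Extract console_loglevel from a printk string (fields may be tab separated).
console_loglevel() {
    set -- $1
    echo "$1"
}

# Exit status 0: the message reaches the console; 1: it does not; 2: bad level.
# $1 = log level, $2 = printk string (optional, defaults to the live kernel value).
reaches_console() {
    lvl=$(level_to_num "$1") || return 2
    printk=${2:-$(cat /proc/sys/kernel/printk)}
    [ "$lvl" -lt "$(console_loglevel "$printk")" ]
}

# Demo with a constructed printk value (console_loglevel = 7).
SAMPLE="7 4 1 7"
for level in warning 7; do
    if reaches_console "$level" "$SAMPLE"; then
        echo "LOG at level $level: echoed on the console"
    else
        echo "LOG at level $level: kept off the console"
    fi
done
```

Called with only a level, reaches_console reads the running kernel's value from /proc/sys/kernel/printk.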