firestarter not started by init

AlanQ · 03-11-2006, 11:51 AM

I'm running Ubuntu5.10 and firestarter1.0.3 (installed via apt-get)

Kernel is 2.6.12-9-386. iptables v1.3.1 (Can't find version of init)

I want firestarter to start at reboot.

According to the manual:
"When you install Firestarter from a package the program is automatically registered to run as a system service. This means
the firewall is also running even if the graphical program is not."

However

After a reboot, 'sudo ps -ef' shows no firestarter.

If I start firestarter manually, ps -ef shows:
alan 9116 1 0 15:53 ? 00:00:00 gksudo /usr/sbin/firestarter
root 9138 9116 0 15:54 ? 00:00:40 /usr/sbin/firestarter

The firestarter init script is located in /etc/init.d

I have read http://www.linuxquestions.org/questi...d.php?t=171028
but I dont have chkconfig.

Any ideas?

Thanks
Alan

Mara · 03-11-2006, 05:25 PM

First run 'runlevel'. It should print you something like 'N 2'. It means you're on runlevel 2. When you have the right runlevel, just go to /etc/rcX.d where X is the runlevel and create a symlink in this directory pointing to the script in /etc/init.d. The script should have name like S15firestarter. S means to start a service, 15 sets order (small numbers are executed first, your firewall should be on before all network servers).

/bin/bash · 03-12-2006, 01:40 AM

Quote:

I have read http://www.linuxquestions.org/questi...d.php?t=171028
but I dont have chkconfig.

Debian has a similar program I think it's called rcconf.

unSpawn · 03-12-2006, 05:34 AM

There's a difference between Firestarter the "service" and the "application". Services started at at boot/shutdown/runlevel usually aren't services ment to interact with via your desktop. Starting Firestarter at boot/shutdown/runlevel change doesn't mean you'll see an app running, because (IIRC) the only thing it has to do is feed iptables rules to the kernel like any other firewall script. This means the way to verify if it is "running" is to compare the output of "/sbin/iptables -n -L (-v)" with the rules configured in Firestarter.

AlanQ · 03-12-2006, 09:23 AM

Thank you Mara, /bin/bash and unSpawn

It's now starting to make sense.

runlevel does indeed show 'N 2'.

re: /etc/rcX.d/

K20firestarter is in X= 0, 1 and 6

S20firestarter is in X= 2, 3, 4 and 5

So, to protect the system, all the firestarter script has to do is give the pre-configured rules to the iptables part of the kernel.

Quote:

This means the way to verify if it is "running" is to compare the output of "/sbin/iptables -n -L (-v)" with the rules configured in Firestarter.

I shall (carefully) play with firestarter to see how it affects the iptables rules.

Quote:

Debian has a similar program I think it's called rcconf.

I've found 'update-rc.d' which I think does roughly the same thing.

I'm feeling safer already

Al

/bin/bash · 03-12-2006, 01:12 PM

Correction:
The Debian equivalent to chkconf is
sysv-rc-conf
or
ksysv

The Debian Reference explains the boot process and runlevels.

doublejoon · 03-13-2006, 08:02 AM

/usr/sbin/update-rc.d