how to manage/monitor fwbuilder in Lenny?
I start fwbuilder with the debug option:
# ssh root@localhost sudo -S /etc/fw/firewall.fw
and the iptables rules are set up without any errors. What exactly is the fwbuilder firewall? Simply this iptables set of rules? Or the running fwbuilder script (firewall.fw)? Both? What now? How do I see what's going on? When I scan with nmap, it doesn't seem to matter if I have a firewall running or not. I have used firestarter till now.
Hello,
fwbuilder creates a shell script (.fw) which makes calls to programs (iptables and others) to make the firewall (.fwb) rules effective. To insert the fw, you only need to execute the shell script (.fw), making it executable (chmod +x *.fw) or calling it via a shell (bash *.fw). iptables makes changes to the kernel IP tables. iptables throws its messages to /var/log/kern.log (depending on configuration). There, you'll find lots of DENY/ACCEPT lines, which refer to your fwb rules. Each line tells source and destination address (SRC and DST), source and destination port (SPT and DPT), MAC addresses, time, device, protocol (TCP or UDP) and other IP flags. I don't know about any debugging program other than grep ;)
Code:
grep "DPT=80" kern.log | grep DENY
emi
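The grep approach from the reply above, extended into a per-source summary of denied packets. This is an added example, not part of the original thread; the sample lines are constructed, and the "RULE n -- ACTION" log prefix, the host name and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample lines in the style of iptables LOG output.
# The "RULE n -- ACTION" prefix is an assumed log-prefix setting.
sample_log() {
cat <<'EOF'
Mar  3 20:01:12 lenny kernel: [ 1201.5] RULE 4 -- DENY IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=192.0.2.1 LEN=60 TTL=64 PROTO=TCP SPT=40112 DPT=80 SYN
Mar  3 20:01:13 lenny kernel: [ 1202.6] RULE 4 -- DENY IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=192.0.2.1 LEN=60 TTL=64 PROTO=TCP SPT=40113 DPT=80 SYN
Mar  3 20:02:40 lenny kernel: [ 1289.1] RULE 1 -- ACCEPT IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.20 DST=192.0.2.1 LEN=60 TTL=64 PROTO=TCP SPT=51000 DPT=22 SYN
Mar  3 20:03:05 lenny kernel: [ 1314.9] RULE 4 -- DENY IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=192.0.2.1 LEN=78 TTL=52 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar  3 20:03:09 lenny kernel: [ 1318.2] RULE 4 -- DENY IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=192.0.2.1 LEN=84 TTL=52 PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
EOF
}

# summarize_denied: read kernel log lines on stdin and print
# "count source protocol/destination-port" for every DENY line,
# busiest first. Packets without a port (ICMP) show "-" as the port.
summarize_denied() {
    awk '
    / DENY / {
        src = "-"; proto = "-"; dpt = "-"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)   src   = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        hits[src " " proto "/" dpt]++
    }
    END { for (k in hits) print hits[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# With a file argument, summarize that log; otherwise use the sample.
if [ -n "${1:-}" ]; then
    summarize_denied < "$1"
else
    sample_log | summarize_denied
fi
```

Run it against a real log by passing the path as the first argument, for example /var/log/kern.log.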
fwbuilder docs are good - to a point: I got a fw-script compiled and installed. It seems, though, then the docs just stop. I run the script and I see the iptables rules scrolling by (or in /var/log/kern.log). Is that it? Am I done? Does the fw-script run in the background? Does fwbuilder have some sort of admin functionality? I thought that was the purpose of the "management interface", i.e. some sort of admin.
With debug, I meant the fwbuilder "script options" debug. I run iptraf and firestarter still, because I'm unsure about fwbuilder...
To see if the rules are working as expected, you'll probably need grep:
See you!!
emi