LinuxQuestions.org
Old 03-10-2010, 02:38 PM   #1
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Rep: Reputation: 33
firestarter giving grief


Hi, I just upgraded my box, just carted the HDs out and into the new. Firestarter was working fine on the old with the NIC plugged into PCI.

Now, when I try and start it, it complains that eth0 isn't working. At present I have eth1 <onboard> and eth2 <pci> or

Can someone give me the iptables commands to open the following:

btorrent
ftp 20-21
ftp passive 10100-10199
ssh 92
smb

That's it on this box. ssh is 92 on here; we port fwd so 22 is taken.

Oh yeah, and where to put them so it does it all the time.

Last edited by johnh10000; 03-10-2010 at 02:42 PM.
 
Old 03-10-2010, 02:53 PM   #2
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 167
Some of the information is impossible to provide without knowing what distribution you're running (like where to put it so it loads on boot.)

The commands themselves would also depend on that in many cases, for instance redhat you're likely going to want to add them to the RH-Firewall-1-INPUT chain. Debian, not so much.

Could you give us some additional details?
 
Old 03-10-2010, 03:02 PM   #3
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by rweaver View Post
Some of the information is impossible to provide without knowing what distribution you're running (like where to put it so it loads on boot.)

The commands themselves would also depend on that in many cases, for instance redhat you're likely going to want to add them to the RH-Firewall-1-INPUT chain. Debian, not so much.

Could you give us some additional details?

Sorry, was a bit cross when I wrote it.

Ubuntu Karmic
 
Old 03-10-2010, 05:45 PM   #4
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 21,147

Rep: Reputation: 4124
If you already have it setup, you'd be better trying to use that and just change the interface. Try "firestarter --help" or look for a config file.
(Been years since I looked at it).
 
Old 03-10-2010, 05:47 PM   #5
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by syg00 View Post
If you already have it setup, you'd be better trying to use that and just change the interface. Try "firestarter --help" or look for a config file.
(Been years since I looked at it).

It worked fine b4. Now it don't show access even local !!!!

I'll say one thing: we are secure!
 
Old 03-11-2010, 12:58 AM   #6
spampig
Member
 
Registered: Feb 2010
Location: /Earth/UK/England/Hampshire
Distribution: Debian, Ubuntu, CentOS, Slackware
Posts: 262
Blog Entries: 2

Rep: Reputation: 56
I have read that you upgraded hardware and this may help you (if it's a mile off I apologise):

Ubuntu is ''helpful'' with NICs. If you change NIC (or mobo with built-in NIC) it will usually assign a new ID such as eth1/2/3 etc. because it sees a different MAC/hardware address on the device. Of course, assigning your NIC a new eth1/2/3 ID will break all of your Firestarter rules because they are usually all relevant to eth0. Personally I find this behaviour a PITA, but once you know it does this, the fix is trivial:

Edit this file:
/etc/udev/rules.d/70-persistent-net-rules

You'll probably find you have a couple of entries that look similar to this:

Quote:
# PCI device 0x10ec:0x8167 (r8169)
SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:16:21:4C:8b:fe", NAME="eth0"

# PCI device 0x10ec:0x8139 (8139too)
SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:92:fe:4C:29:fe", NAME="eth1"

eth0 will be locked to the old MAC of the old NIC. Personally I would delete both lines and reboot - this should then correctly assign your new NIC to eth0 and everything should work again. If you prefer, just edit the ATTRS{address} to suit and restart your networking (sudo /etc/init.d/networking restart)

HTH

Last edited by spampig; 03-11-2010 at 01:02 AM. Reason: added options
 
2 members found this post helpful.
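
The stale-binding situation described in post #6, as an added example that is not part of the original post: the function lists every NAME= binding in a udev persistent-net rules file whose MAC address is not on any interface present now. The MAC 00:aa:bb:cc:dd:ee, the eth2 entry and the temporary directory layout are constructed for the demo; on a real system the second argument defaults to /sys/class/net.

```shell
#!/bin/sh
# Added example (not from the thread): report udev persistent-net bindings
# whose MAC address is not on any interface present now.
# $1 = rules file; $2 = sysfs net directory (default /sys/class/net).
stale_bindings() {
    rules=$1
    sysnet=${2:-/sys/class/net}
    # MACs of the interfaces present now, lower-cased, space-separated.
    present=$(cat "$sysnet"/*/address 2>/dev/null | tr 'A-F\n' 'a-f ')
    awk -v present="$present" '
        BEGIN { n = split(present, p, " "); for (i = 1; i <= n; i++) have[p[i]] = 1 }
        /^[ \t]*#/ { next }                  # skip comment lines
        {
            mac = ""; name = ""
            k = split($0, f, ",")            # one key/value per comma field
            for (i = 1; i <= k; i++) {
                split(f[i], q, "\"")         # q[2] is the quoted value
                if (index(f[i], "{address}==")) mac = tolower(q[2])
                if (index(f[i], "NAME=")) name = q[2]
            }
            if (mac != "" && name != "" && !(mac in have)) print name, mac
        }' "$rules"
}

# Constructed demo: the two rules quoted in post #6 plus one made-up entry,
# checked against a fake sysfs tree that holds only the made-up NIC.
demo=$(mktemp -d)
mkdir -p "$demo/net/eth2"
echo "00:aa:bb:cc:dd:ee" > "$demo/net/eth2/address"
cat > "$demo/rules" <<'EOF'
# PCI device 0x10ec:0x8167 (r8169)
SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:16:21:4C:8b:fe", NAME="eth0"
# PCI device 0x10ec:0x8139 (8139too)
SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:92:fe:4C:29:fe", NAME="eth1"
SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:AA:BB:CC:DD:EE", NAME="eth2"
EOF
stale_bindings "$demo/rules" "$demo/net"
rm -rf "$demo"
```

Each line of output is an interface name still reserved for hardware that is gone, which is why the new NIC gets the next free number and firewall rules written for eth0 stop matching.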
Old 03-11-2010, 02:42 AM   #7
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by spampig View Post
I have read that you upgraded hardware and this may help you (if it's a mile off I apologise):

Ubuntu is ''helpful'' with NICs. If you change NIC (or mobo with built-in NIC) it will usually assign a new ID such as eth1/2/3 etc. because it sees a different MAC/hardware address on the device. Of course, assigning your NIC a new eth1/2/3 ID will break all of your Firestarter rules because they are usually all relevant to eth0. Personally I find this behaviour a PITA, but once you know it does this, the fix is trivial:

Edit this file:
/etc/udev/rules.d/70-persistent-net-rules

You'll probably find you have a couple of entries that look similar to this:

eth0 will be locked to the old MAC of the old NIC. Personally I would delete both lines and reboot - this should then correctly assign your new NIC to eth0 and everything should work again. If you prefer, just edit the ATTRS{address} to suit and restart your networking (sudo /etc/init.d/networking restart)

HTH

I now have connection, on eth0, so far so good.
/etc/udev/rules.d/70-persistent-net-rules is now "empty", but firestarter now complains it can't "find eth2", last used eth port. Reinstalling firestarter again....

BTW what's PITA?
 
Old 03-11-2010, 02:48 AM   #8
spampig
Member
 
Registered: Feb 2010
Location: /Earth/UK/England/Hampshire
Distribution: Debian, Ubuntu, CentOS, Slackware
Posts: 262
Blog Entries: 2

Rep: Reputation: 56
Pain in the .........
 
1 members found this post helpful.
Old 03-11-2010, 03:00 AM   #9
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by spampig View Post
Pain in the .........

It looks like, as I am not in the mood for a fight, pick up ftp disk, and put in the server box. Then all I have to do is open samba and my-ssh 92
 
Old 03-11-2010, 03:08 AM   #10
spampig
Member
 
Registered: Feb 2010
Location: /Earth/UK/England/Hampshire
Distribution: Debian, Ubuntu, CentOS, Slackware
Posts: 262
Blog Entries: 2

Rep: Reputation: 56
Try launching the Firestarter GUI (usually under applications / internet) and selecting EDIT > PREFERENCES > FIREWALL > NETWORK SETTINGS and change the NIC there. You'll need to bounce/restart networking for it to bite.
 
Old 03-11-2010, 03:19 AM   #11
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by spampig View Post
Try launching the Firestarter GUI (usually under applications / internet) and selecting EDIT > PREFERENCES > FIREWALL > NETWORK SETTINGS and change the NIC there. You'll need to bounce/restart networking for it to bite.

I edited /etc/firestarter/configuration and restarted the box.

And it's not good enough. Oh yes, it works on eth0 now, we get current connections, but when I try to go LOCAL ftp site, it don't show up there.

Cross with this. Chg of mind: partition my new 340gb to reflect /home and home/ftp then reinstall, I think.


You seem quite knowledgeable. If I want to say to firestarter, accept everything off my local LAN, I'd say

192.168.1.0/24, yeah? Do you have a link or something to explain how /24 /16 /8 etc. works?
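
The /24, /16 and /8 notation asked about in post #11, worked through as an added example that is not part of the original thread: the prefix length is the number of leading bits fixed by the network, so a shorter prefix trusts a larger range. The function names are this example's own, eth0 is the interface from the thread, and the printed rule uses plain iptables syntax rather than Firestarter's own configuration format.

```shell
#!/bin/sh
# Added example (not from the thread): the arithmetic behind /24, /16 and /8.
ip_to_int() (                       # dotted quad -> 32-bit integer
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)
int_to_ip() {                       # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}
prefix_to_mask() {                  # /N means: the top N of the 32 bits are set
    echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF ))
}
# cidr_info 192.168.1.0/24 -> "netmask network broadcast address-count"
cidr_info() {
    addr=$(ip_to_int "${1%/*}")
    mask=$(prefix_to_mask "${1#*/}")
    net=$(( addr & mask ))
    bcast=$(( net | (~mask & 0xFFFFFFFF) ))
    echo "$(int_to_ip "$mask") $(int_to_ip "$net") $(int_to_ip "$bcast") $(( bcast - net + 1 ))"
}
# in_cidr IP CIDR -> exit status 0 when IP lies inside CIDR
in_cidr() {
    mask=$(prefix_to_mask "${2#*/}")
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "${2%/*}") & mask )) ]
}
# Print an iptables rule trusting CIDR on IFACE, but only when the whole range
# lies inside RFC 1918 private space, so a too-short prefix is caught.
lan_accept_rule() {
    set -- "$1" "$2" $(cidr_info "$2")      # $4 = network, $5 = broadcast
    for priv in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        if in_cidr "$4" "$priv" && in_cidr "$5" "$priv"; then
            echo "iptables -A INPUT -i $1 -s $4/${2#*/} -j ACCEPT"
            return 0
        fi
    done
    echo "refusing $2: range is not wholly private address space" >&2
    return 1
}

for c in 192.168.1.0/24 192.168.0.0/16 10.0.0.0/8; do
    echo "$c -> $(cidr_info "$c")"
done
lan_accept_rule eth0 192.168.1.0/24
lan_accept_rule eth0 192.168.1.0/8 || true   # /8 would cover 192.0.0.0-192.255.255.255
```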
 
Old 03-11-2010, 03:48 AM   #12
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 21,147

Rep: Reputation: 4124
On the firestarter site I saw one - maybe the FAQ.
 
Old 03-11-2010, 03:52 AM   #13
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
Quote:
Originally Posted by syg00 View Post
On the firestarter site I saw one - maybe the FAQ.

Well, home and ftp yep! And the configs, mind you there was a minor problem the other day... when the configs turned into err junk! Can't wait for Lucid, 10.4 only next month.

thanks for all your help
 
Old 03-11-2010, 09:30 AM   #14
johnh10000
Member
 
Registered: Nov 2008
Distribution: Ubuntu Lucid Lynx
Posts: 541

Original Poster
Rep: Reputation: 33
Yeah, all up and running now with tux totally on the new 340gb hd, fine and dandy. Just put other ftp disk in tux2 for back up. If you're about pls test, via the website http://tux.isa-geek.org
 
Old 03-11-2010, 09:34 AM   #15
spampig
Member
 
Registered: Feb 2010
Location: /Earth/UK/England/Hampshire
Distribution: Debian, Ubuntu, CentOS, Slackware
Posts: 262
Blog Entries: 2

Rep: Reputation: 56
From outside I can see all this open (assuming you are an NTL customer off the Winchester assigned address spaces)

21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
91/tcp open mit-dov
110/tcp open pop3
465/tcp open smtps
8000/tcp open http-alt
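
An added example, not part of the original thread, that compares the outside view posted in #15 with the ports meant to be reachable. The allowlist holds the ports post #1 gives numbers for, plus 80 for the web site named in post #14 (an assumption of this example); the function name and output labels are also this example's own.

```shell
#!/bin/sh
# Added example (not from the thread): diff an outside scan against the ports
# that are meant to be reachable.
# audit_scan "ALLOWED" < scan-lines ; ALLOWED is a space-separated list of
# TCP ports or lo-hi ranges. Scan lines look like "21/tcp open ftp".
audit_scan() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) {
                m = split(a[i], r, "-")
                lo[i] = r[1] + 0
                hi[i] = (m > 1 ? r[2] : r[1]) + 0
            }
        }
        $2 == "open" && $1 ~ /\/tcp$/ {
            split($1, pp, "/"); port = pp[1] + 0; ok = 0
            for (i = 1; i <= n; i++)
                if (port >= lo[i] && port <= hi[i]) { ok = 1; seen[i] = 1 }
            if (!ok) print "UNEXPECTED", $1, $3
        }
        END {
            # Allowed entries the scan never hit: closed, filtered or misnumbered.
            for (i = 1; i <= n; i++) if (!(i in seen)) print "NOT-SEEN", a[i]
        }'
}

# Ports post #1 gives numbers for, plus 80 for the web site named in post #14
# (adding 80 is this example's assumption).
ALLOW="20-21 80 92 10100-10199"
# The result lines posted in #15.
SCAN='21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
91/tcp open mit-dov
110/tcp open pop3
465/tcp open smtps
8000/tcp open http-alt'
printf '%s\n' "$SCAN" | audit_scan "$ALLOW"
```

An UNEXPECTED line is a prompt to check which machine answers on that port and whether it should, since post #1 says 22 is forwarded elsewhere; a NOT-SEEN line means an intended service is not reachable on the number expected.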
 
  

