Slackware This Forum is for the discussion of Slackware Linux.
|
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
03-10-2006, 03:57 PM
|
#1
|
|
Member
Registered: Jan 2004
Location: California
Distribution: Slackware 10.2
Posts: 33
Rep: 
|
firestarter
I installed the firestarter binary package for slackware 10.1 from Linux Packages a few days ago (specifically, firestarter-1.0.3-i486-1pcx.tgz). (I'm running 10.1 with kernel vmlinuz-ide-2.4.29 from the 10.1 CD. My processor is a fairly (!) old pentium II 400mhz. At the moment, my window manager is fluxbox.)
firestarter seems to work well, so long as I start it from an X widow console as root (by way of su). I tried getting it to start on boot by putting an rc.firewall in /etc/rc.d as suggested in a much earlier post on this forum (IIRC). Specifically,
Quote:
bash-3.00$ cd /etc/rc.d/
bash-3.00$ ls -l rc.firewall
-rwxr-x--x 1 root root 99 2006-03-07 14:37 rc.firewall
bash-3.00$ sudo cat rc.firewall
# simplest script for starting firestarter
# John Velman
# 7 March 2006
/usr/bin/firestarter -s
bash-3.00$
|
When I boot, dmesg shows "Firewall started", but ps au doesn't show it running.
Same thing happens when I run firestarter -s after su-ing to root from the login console.
Also, in an X console, if I try to run firestarter from an sudo, instead of from root as an su, it tells me
Quote:
Fatal error: Your kernel does not support iptables.
Firewall not started
|
I'm obviously missing something. I've considered getting the source and compiling my own package to see if that makes any difference, but thought I'd ask for help first.
Thanks,
John Velman |
|
|
|
|
03-10-2006, 04:33 PM
|
#2
|
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
The error message says your kernel doesn't support iptables. Which kernel version are you using? Read your Slackware and Firestarter documentation please. You need a kernel that has netfilter enabled. Earlier linux versions used ipchains instead of iptables.
|
|
|
|
|
03-10-2006, 09:19 PM
|
#3
|
|
Member
Registered: Feb 2004
Location: 33.31N -111.97W
Distribution: SuSE
Posts: 919
Rep:
|
I strongly advise that you read this THREAD and especially the second post. |
|
|
|
|
03-11-2006, 12:36 AM
|
#4
|
|
Senior Member
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247
Rep:
|
Ok. I have firestarter installed. I tried to do what you mentioned while being root.
It also doesn't work. firestarter -s shows that firewall started but ps aux |grep firestarter shows nothing.
However, GUI works perfectly.
Try issuing this command:
firestarter --start-hidden (it works for me).
My firestarter is compiled from source.
|
|
|
|
|
03-12-2006, 05:54 PM
|
#6
|
|
Member
Registered: Apr 2004
Location: Arkansas
Distribution: Ubuntu 8.10
Posts: 365
Rep:
|
Without an /etc/rc.d/rc.firewall your firewall won't be started, until you start firestarter manually. The thing is, YOU DON'T NEED FIRESTARTER after you get your firewall set up! The only time you need to run firestarter is when you want to make changes to you firewall, other than that it's not necessary.
Also, as was noted in an earlier post, you will need iptables and netfilter compiled with the kernel (I have mine compiled as modules). It's been a while since I ran 2.4.29 but I *thought* that iptables was included in it, but maybe not. If it isn't then you need to get the 2.4.31 kernel from a Slackware mirror somewhere and install it (kernel-ide-2.4.31 and kernel-modules-2.4.31 minimum you may want to get kernel-source-2.4.31 to be sure).
Here is my rc.firewal (verbatim), if you want to copy it go ahead.
Code:
#!/bin/bash
#rc.firewall start/stop/restart the Firestarter firewall service
#
firewall_start () {
if [ -x /etc/firestarter/firestarter.sh ]; then
echo "Starting firewall: /etc/firestarter/firestarter.sh"
/etc/firestarter/firestarter.sh start
fi
}
firewall_stop () {
/etc/firestarter/firestarter.sh stop
}
firewall_restart () {
/etc/firestarter/firestarter.sh stop
/etc/firestarter/firestarter.sh start
}
case "$1" in
'start')
firewall_start
;;
'stop')
firewall_stop
;;
'restart')
firewall_restart
;;
*)
echo "usage $0 start|stop|restart"
esac
Just add this to a text file, save it as rc.firewall, move it to /etc/rc.d and make it executable and, after you use firestarter to set up your firewall, it'll start it with every boot.
HTH,
MMYoung
Last edited by MMYoung; 03-12-2006 at 05:55 PM.
|
|
|
|
|
03-12-2006, 06:34 PM
|
#7
|
|
Senior Member
Registered: Feb 2006
Location: Siberia
Distribution: Slackware & Slamd64. What else is there?
Posts: 1,705
Rep:
|
Actually, on the Slackware 10.2 setup, you can just symlink your firewall in the place of rc.firewall. That's what I did- no modifications to anything Slackware necessary- and it works great.
I use arno and so far I'm pretty happy with it. I can install it in a new machine in less than 5 minutes (after having done it a couple of times!)
|
|
|
|
|
03-13-2006, 01:47 AM
|
#8
|
|
Senior Member
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247
Rep:
|
Quote:
|
Originally Posted by MMYoung
Without an /etc/rc.d/rc.firewall your firewall won't be started, until you start firestarter manually. The thing is, YOU DON'T NEED FIRESTARTER after you get your firewall set up!
|
But I need to start it manually each time I boot up if I have compiled it from source. Or I am wrong? Is firestarter GUI actually a firewall or does it only just modify rc.firewall script?
Last edited by Alien_Hominid; 03-13-2006 at 01:49 AM.
|
|
|
|
|
03-13-2006, 05:37 AM
|
#9
|
|
Member
Registered: Apr 2004
Location: Arkansas
Distribution: Ubuntu 8.10
Posts: 365
Rep:
|
Quote:
|
Originally Posted by Alien_Hominid
But I need to start it manually each time I boot up if I have compiled it from source. Or I am wrong? Is firestarter GUI actually a firewall or does it only just modify rc.firewall script?
|
Nope, just add my rc.firewall to /etc/rc.d, or symlink /etc/rc.d/rc.firewall to /etc/firestarter/firestarter.sh as Randux suggested, and this will start your firewall when you boot. If you need to make changes to your firewall just start firestarter, make your changes, and close it out. The only reason to start firestarter is if you want to monitor any hits that your firewall detects.
Later,
MMYoung |
|
|
|
|
03-13-2006, 06:29 AM
|
#10
|
|
Senior Member
Registered: Oct 2005
Location: Lithuania
Distribution: Hybrid
Posts: 2,247
Rep:
|
OK. Got it. I always thought that firestarter only works when I can see its GUI so I had added it to my session list. Now will try your script.
|
|
|
|
|
03-14-2006, 02:59 PM
|
#11
|
|
Member
Registered: Jan 2004
Location: California
Distribution: Slackware 10.2
Posts: 33
Original Poster
Rep:
|
Thanks to all who have responded. It appears that my kernel does support IPTables, and netfilter.
One further question: MMYoung has refered to "firestarter.sh". My distribution (from Linux Packages --firestarter-1.0.3-i486-1pcx.tgz -- for slack 10.1 doesn't contain a "firestarter.sh.") Is this provided only with the source, or with the slackware 10.2 package?
Thanks again!
John Velman
|
|
|
|
|
03-14-2006, 05:46 PM
|
#12
|
|
Member
Registered: Apr 2004
Location: Arkansas
Distribution: Ubuntu 8.10
Posts: 365
Rep:
|
Quote:
|
Originally Posted by John Velman
One further question: MMYoung has refered to "firestarter.sh". My distribution (from Linux Packages --firestarter-1.0.3-i486-1pcx.tgz -- for slack 10.1 doesn't contain a "firestarter.sh.") Is this provided only with the source, or with the slackware 10.2 package?
|
You won't find it, cause it ain't there  . IIRC, it is "created" after you run firestarter the first time and set up your firewall.
Later,
MMYoung |
|
|
|
All times are GMT -5. The time now is 05:24 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
