where is firewall script in ubuntu 5.10 ?

taiwf · 01-16-2006, 02:00 PM

I have install ubuntu 5.10 but i can't find firewall script in /etc/init.d/ . In debian there is such script that allow me to do iptables start/stop/status/etc.

I do have iptable installed . But without such script is there anyway i can check if my firewall is running? Besides, can i use the script from lastest debian distro? Or is there any generic script i can download and use without modification? I am newb at shell.

thx in advance

nephish · 01-16-2006, 03:22 PM

i have firestarter on my ubuntu box, does all the work for you, sets up iptables, rules, what-not. i know of scripts out there, but i dont know one exactly. i would caution you about using a debian script. Even though they are very very similar, Debian and Ubuntu are not exactly the same thing.

Aramil · 01-16-2006, 03:53 PM

Just use firestarter.Its much easier than configuring iptables by your own.Then you can add a small script in init.d in order to start firestarter on startup.But I can't help you with that cause I m no good at scritps....hehehe

taiwf · 01-16-2006, 05:38 PM

ok, i got a set of rule for iptables (ie. mainly traffic directing and blocking stuff). Now if i installed firestarter , will i able to use those rule?

nephish · 01-16-2006, 07:40 PM

dude, just use firestarter. its gui, and you set up all the rules you want like that, really easy. Install firestarter and see what it can do before you mess with scripts by hand, save yourself some trouble.
good luck

Aramil · 01-17-2006, 03:26 PM

the rules can be set up again with just a few clicks!I m sure you ll find it much easier!Let us know!Gl

taiwf · 01-17-2006, 06:39 PM

well, the linux box is used as server where i need to frequently ssh into it to admin remotely. I try to stay away from remote desktop as i heard it introduce more problem in term of security. I google abit and it seems this ubuntu doesn't seem to have script like debian...

I can probably use gui for now till i get script rdy. Just one question, does this firestarter generated a little script (or safe it somewhere in system ) for its own rule set once you create by it? I used to use webmin and thats what it did for the firewall module. I have the firewall rule in bash file, and just dont' want to mess up with one generated by firestarter (if it creates any).

thx

0x29a · 11-18-2006, 12:07 AM

I just setup a test server with ubuntu 6.06 LTS and I've been wondering the same thing about firewalls since I'm in the process of migrating away from SuSE which is the distro my firewall is currently running. I'm going to install firestarter and I'll post my findings here including whatever file(s) it generates.

Wim Sturkenboom · 11-18-2006, 07:36 AM

Just create your ip-tables script and call it from /etc/rc.local . This will automatically start the script at boot (after everything else !). Depending on the luxury that you want, you can add the start, stop and so on in the script; in that case your call in rc.local will be something like my_iptables_script start.

I don't know what the best place is to store the script (probably /etc/init.d).

If your script supports start, stop etc, I think that it will also work if you place a symlink to your script in rc2.d (or whatever runlevel directory is used on your system) instead of using rc.local.

The following script is in /etc/init.d on my Dapper box. There is a symlink to it in my rc2.d (S20firestarter). This might help you to write your own script without installing firestarter.

Code:

#!/bin/sh
#
# Init file for the Firestarter firewall
#
# chkconfig: 2345 11 92
#
# description: Starts, stops, and lock the firewall
#
# Script Authors:
#	Tomas Junnonen <majix@sci.fi>
#	Paul Drain <pd@cipherfunk.org>
#
# config: /etc/firestarter/configuration

. /lib/lsb/init-functions

FS_CONTROL="/etc/firestarter/firestarter.sh"

[ -x /usr/sbin/firestarter ] || exit 0
[ -x $FS_CONTROL ] || exit 0
[ -s /etc/firestarter/configuration ] || exit 0

RETVAL=0

start() {
	log_begin_msg "Starting the Firestarter firewall..."
	$FS_CONTROL start > /dev/null
	RETVAL=$?
	if [ $RETVAL -eq 0 ]; then
		log_end_msg 0
	else
		log_end_msg 1
	fi
	return $RETVAL
}

stop() {
	log_begin_msg "Stopping the Firestarter firewall..."
	$FS_CONTROL stop > /dev/null
	RETVAL=$?
	if [ $RETVAL -eq 0 ]; then
		log_end_msg 0
	else
		log_end_msg 1
	fi
	return $RETVAL
}

lock() {
	log_begin_msg "Locking the Firestarter firewall..."
	$FS_CONTROL lock > /dev/null
	RETVAL=$?
	if [ $RETVAL -eq 0 ]; then
		log_end_msg 0
	else
		log_end_msg 1
	fi
	return $RETVAL
}

# See how we were called.
case "$1" in
  start)
	start
	RETVAL=$?
	;;
  stop)
	stop
	RETVAL=$?
	;;
  restart)
	stop
	start
	RETVAL=$?
	;;
  force-reload)
	stop
	start
	RETVAL=$?
	;;
  lock)
	lock
	RETVAL=$?
	;;
  status)
	if [ -e /var/lock/subsys/firestarter -o -e /var/lock/firestarter ]; then
		log_warning_msg "Firestarter is running..."
	else
		log_warning_msg "Firestarter is stopped"
	fi
	RETVAL=$?
	;;
  *)
	log_success_msg "Usage: firestarter {start|stop|restart|force-reload|lock|status}"
	exit 1
esac
exit $RETVAL

PS I have not analyzed the script so I don't know the finer details. I'm still trying to figure out how it all works in combination with ppp under ubuntu (slackware is a lot more transparent from that perspective).