Re: Firestarter: how to auto start it?

To: Florian Kulzer <florian@molphys.leidenuniv.nl>, debian-user@lists.debian.org
Subject: Re: Firestarter: how to auto start it?
From: lmyho <lm_yho@yahoo.com>
Date: Sun, 23 Apr 2006 10:49:47 -0700 (PDT)
Message-id: <[🔎] 20060423174947.37913.qmail@web30804.mail.mud.yahoo.com>
In-reply-to: <[🔎] 20060423122930.GA20466@bavaria>

--- Florian Kulzer <florian@molphys.leidenuniv.nl> wrote:

> On Sun, Apr 23, 2006 at 11:38:25 +0200, Alexander Sack wrote:
> > On Sat, Apr 22, 2006 at 08:00:37PM -0700, lmyho wrote:
> > > 
> > > But it didn't work, the firestarter still doesn't load when the system boot
> and jack
> > > logedin.
> > > 
> > > Then I changed the line in sudoers to: jack ALL=NOPASSWD:
> /etc/init.d/firestarter
> > > start, and changed the line in GNOME Preferences->Sessions->Startup Programs
> to:
> > > sudo /etc/init.d/firestarter start, too.  
> > > 
> > > But the firestarter still doesn't auto start at the system boot!
> > > 
> > 
> > Maybe consider this:
> > 
> > firestarter consists of two parts. The first is the gui which is used
> > to administer iptables firewall rules. The second is the init script which
> > takes care that your current firewall rules are loaded at system
> > startup. Thus, though there is no gui running your firewall is
> > still effective, so you probably don't need firestarter to be started
> > automatically, but just if you want to change your firewall rules.
> 
> If you are unsure about whether the firewall is running without the GUI,
> you can check it with the following command in a Gnome terminal or on
> the console (as root):
> 
> iptables -L
> 
> If my firewall is deactivated I see this:
> 
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> If my firewall is active, I get 2-3 screens of rules scrolling by which
> DROP or REJECT a lot of packets. (iptables is the direct command to
> access the modules in the kernel which handle the firewalling,
> firestarter is a convenient means for you to set these somewhat
> complicated rules according to your needs.) 
> 
> -- 
> Regards,
>           Florian
> 
Thank you Florian! I just sent out a question to ask how to check before see your
reply.  Thank you for the guide!

I haven't lauch the gui firestarter yet, it's a good time, so I checked the
'iptables -L', I do get many outputs, but for the three you listed, I got different,
please see:

Chain INPUT (policy DROP)
target     prot opt source               destination

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTBOUND (1 references)
target     prot opt source               destination

Why is mine 'policy DROP'?  And under these title lines, under 'target', lots of
them are ACCEPT, some are DROP.  What happen?  Does my firestarter running?  Or do I
have something set wrong?

I would highly appreciate your help!  Thanks!

Regards,
Leo



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Reply to:

Follow-Ups:
- Re: Firestarter: how to auto start it?
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Firestarter: how to auto start it?
  - From: Florian Kulzer <florian@molphys.leidenuniv.nl>

References:
- Re: Firestarter: how to auto start it?
  - From: Florian Kulzer <florian@molphys.leidenuniv.nl>

Prev by Date: Re: afraid to upgrade libc6 and libc6-dev
Next by Date: Re: How to auto start Firestarter?
Previous by thread: Re: Firestarter: how to auto start it?
Next by thread: Re: Firestarter: how to auto start it?
Index(es):
- Date
- Thread