FIRESTARTER: An easy firewall for Linux
Written by Jordan   

This article describes in depth how to configure and run Firestarter under Linux. It is broken into three sections: introduction and installation, first running, and loading Firestarter at boot time.

I – Introduction

Firestarter is a Graphical User Interface (GUI) that aims to simplify the firewall setup process. It is designed to be simple, complete and efficient. The easiest way to install it is with your distribution's package manager.

II – First running

To run Firestarter, click on System -> Administration Tools -> Firestarter.

On the first run, a wizard helps you configure Firestarter by choosing the interface to monitor (it automatically detects any active interface). If your IP address is assigned by Dynamic Host Configuration Protocol (DHCP), you should tick the corresponding option.

The second dialog box prompts you to share your Internet connection and use your computer as a DHCP server.
If your computer is directly connected to the Internet and shares that connection with other computers on the same network, tick both boxes; otherwise click on Next and Save to quit the wizard.


If you install another network connection later on, you should (especially if the firewall blocks your connection) run the wizard again by clicking on Firewall -> Run Wizard. For experts, it is also possible to use Edit -> Preferences.

If you are not running any server on your computer, do not fancy looking at log files and do not want to spend much time configuring the firewall, you can stop at the default configuration, which should be enough for a beginner.

II – 1 The Status Widget

This widget shows you the status of the firewall. It also helps you to monitor it. The status of the firewall can be one of the following:

  1. Working: the firewall is currently working, so everything is OK.
  2. Stop: the firewall is idle, so it is not interfering with the network traffic.
  3. Blocking: the firewall is currently blocking every incoming and outgoing connection. This also means that no data is currently moving on the network.

This page also gives you some network statistics, including active connections, number of warnings, incoming packets and so forth.
The following picture shows a screenshot of the widget.

FireStart 1

II – 2 The Event Widget

This is where all logs are located. It is also where you can see all blocked connections, along with their error levels:
  1. Black: a regular connection on a port, blocked by the firewall. You should not worry about it.
  2. Red: a likely intrusion attempt, blocked by the firewall.
  3. Gray: broadcast connections that Firestarter considers harmless.

All these are illustrated in the next picture.


FireStarter 2

II – 3 The Policy Widget

This is where you define the rules for your incoming and outgoing connections. For outgoing connections, I advise you to use the default option. For incoming connections, if you have some servers running on your computer, you should open their corresponding ports:

  1. Right-click in the area “Allow a service”.
  2. Choose “Add a rule”.
  3. Select in the list the name of the service you would like to run, for instance FTP for an FTP server.
  4. In the source field, leave the default option in order to open the port for everybody.
  5. Finally, click on Add.

The next picture shows the widget in action.

FireStarter 3

II – 4 Preferences

The default preferences will suit the average user. Those who already have some knowledge of network protocols and firewalling will not need much time to learn about them. Those who do not have enough skills should look at online references; Google is their friend.


Is the firewall active when the Firestarter window is closed?
The window only helps with configuration, so the firewall is still active after you close it. This behaviour is defined in the Firewall preferences. By default, the firewall restarts when a connection comes up, when the configuration wizard is opened, and when a new address is assigned by a DHCP server. The next picture shows that window.

FireStarter 4

III – Loading Firestarter at boot time

Although Firestarter is a good piece of software, it is sometimes tricky to run it at the beginning of the session. Indeed, when you try to add Firestarter in System -> Preferences -> Sessions, you immediately get an error message saying that the eth0 interface is not available. This is because the interface is started at the same time as the network.


The first thing you should do is allow Firestarter to run as root without a password prompt. Open the sudoers file:

$ su -c visudo

Append the line:

username ALL= NOPASSWD: /usr/sbin/firestarter

Warning: Do not forget to replace username with your actual one!
Now create a blank file called .start_firestarter in your home directory:

$ touch .start_firestarter


Edit the file:

$ gedit .start_firestarter

Copy one of the following scripts into it.
With 2 network interfaces, eth0 (wi-fi) and eth1 (LAN):

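#!/bin/bash

## "Octets" matches ifconfig output in a French locale; in an English locale the same line reads "RX bytes"
## Get the number of bytes received on eth0 and eth1
verif=$(ifconfig eth0 | grep Octets | cut -d: -f2 | cut -d' ' -f1)
verif1=$(ifconfig eth1 | grep Octets | cut -d: -f2 | cut -d' ' -f1)
## counter
i=0

## Loop while both interfaces have received fewer than 900 bytes and the counter has not run out
## (an empty reading, e.g. interface not listed yet, counts as 0)
while [ "${verif:-0}" -lt 900 ] && [ "${verif1:-0}" -lt 900 ] && [ "$i" -lt 100001 ]; do
    verif=$(ifconfig eth0 | grep Octets | cut -d: -f2 | cut -d' ' -f1)
    verif1=$(ifconfig eth1 | grep Octets | cut -d: -f2 | cut -d' ' -f1)
    i=$((i+1))
done

## If traffic was seen before the counter ran out, Firestarter is run in the task bar
if [ "$i" -lt 100000 ]; then
    sudo firestarter --start-hidden
fi

exit 0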

With only 1 interface:

#!/bin/bash

## Get the number of bytes received on eth0
## ("Octets" matches ifconfig output in a French locale)
verif=$(ifconfig eth0 | grep Octets | cut -d: -f2 | cut -d' ' -f1)

## counter
i=0

## Loop while the network card is yet to receive 900 bytes and the counter is not finished
## (an empty reading counts as 0)
while [ "${verif:-0}" -lt 900 ] && [ "$i" -lt 100001 ]; do
    verif=$(ifconfig eth0 | grep Octets | cut -d: -f2 | cut -d' ' -f1)
    i=$((i+1))
done

## If the loop finished before the counter ran out, Firestarter is run in the task bar
if [ "$i" -lt 100000 ]; then
    sudo firestarter --start-hidden
fi

exit 0

Finally, go to System -> Preferences -> Sessions and add:
Name: firestarter
Command: bash /home/<<username>>/.start_firestarter
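
A locale-independent variant of the wait-then-start scripts above, added here as an example and not part of the original article: it reads the kernel's per-interface counter in /sys/class/net/<iface>/statistics/rx_bytes instead of parsing ifconfig text, and sleeps between polls instead of spinning. The names SYSFS_NET, rx_bytes, wait_for_rx and start_when_up, the --start argument and the 60 polls of 1 second are assumptions of this example.

```sh
#!/bin/sh
# Added example, not the article's script. SYSFS_NET, rx_bytes, wait_for_rx
# and start_when_up are names invented here; 60 polls of 1 s is an assumption.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print the received-byte counter of interface $1; print 0 when the
# interface does not exist or the value is not a plain number.
rx_bytes() {
    rxb_file="$SYSFS_NET/$1/statistics/rx_bytes"
    rxb_value=""
    if [ -r "$rxb_file" ]; then
        read -r rxb_value < "$rxb_file" || true
    fi
    case "$rxb_value" in
        ''|*[!0-9]*) echo 0 ;;
        *) echo "$rxb_value" ;;
    esac
}

# wait_for_rx THRESHOLD TRIES DELAY IFACE...
# Return 0 once any listed interface has received THRESHOLD bytes,
# 1 if TRIES polls (DELAY seconds apart) pass without that happening.
wait_for_rx() {
    wfr_threshold="$1"; wfr_tries="$2"; wfr_delay="$3"
    shift 3
    wfr_n=0
    while [ "$wfr_n" -lt "$wfr_tries" ]; do
        for wfr_iface in "$@"; do
            if [ "$(rx_bytes "$wfr_iface")" -ge "$wfr_threshold" ]; then
                return 0
            fi
        done
        wfr_n=$((wfr_n + 1))
        sleep "$wfr_delay"
    done
    return 1
}

# Same policy as the article: start the firewall only if traffic was seen.
start_when_up() {
    if wait_for_rx 900 60 1 eth0 eth1; then
        sudo firestarter --start-hidden
    fi
}

# Runs only when invoked as: sh .start_firestarter --start
[ "${1:-}" != "--start" ] || start_when_up
```

With this variant the Sessions command needs the extra --start argument; for a single interface, pass only eth0 to wait_for_rx.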
