FS-Secuirty.com says- “Firestarter is an Open Source visual firewall program. The software aims to combine ease of use with powerful features, therefore serving both Linux desktop users and system administrators.”
Some Firestarter features
● User friendly, easy to use, graphical interface
● Real-time firewall event monitor shows intrusion attempts as they happen
● Enables Internet connection sharing, optionally with DHCP service for the clients
● Allows you to define both inbound and outbound access policy
● Open or stealth ports, shaping your firewalling with just a few mouse clicks
● Enable port forwarding for your local network in just seconds
● Option to whitelist or blacklist traffic
● Real time firewall events view
● View active network connections, including any traffic routed through the firewall
● Advanced Linux kernel tuning features provide protection from flooding, broadcasting and spoofing
● Support for tuning ICMP parameters to stop Denial of Service (DoS) attacks
● Support for tuning ToS parameters to improve services for connected client computers
● Ability to hook up user defined scripts or rulesets before or after firewall activation
Comprehensive tutorial on Firestarter is available at http://www.fs-security.com/docs/tutorial.php. Here are some important steps related to installation and configurations of Firestarter on Ubuntu:
1. Search
$ sudo apt-cache search firestarter
firestarter - GTK program for managing and observing your firewall
2. Install
$ sudo apt-get install firestarter
3. Run
$ sudo firestarter
6. The default Firestarter policy is as follows:
● New inbound connections from the Internet to the firewall or client hosts are blocked.
● The firewall host is freely allowed to establish new connections.
● All client hosts are allowed to establish new connections to the Internet, but not to the firewall host.
● Traffic from the Internet in response to connection requests from the firewall or client hosts is allowed back in through the firewall.
7. The outbound traffic policy groups
Outbound policy controls outgoing traffic to the Internet from the firewall and any LAN clients. The default outbound policy is permissive. This means you and any clients connected to the local network are able to browse the net, read email, etc. unrestricted.
8. Restrictive mode
nothing is allowed out unless you explicitly create a rule for it in one of the groups.
Bug:
Firestarter reports error on startup:
Failed to open the system log
No event information will be available.
Taken from https://bugs.launchpad.net/ubuntu/+source/firestarter/+bug/776361:
Possible reason is that syslogd is upgraded to rsyslog by upgraded version of Ubuntu.
Solution is go to the directory /etc/rsyslog.d/ and put a new file in that location that would be included in the configuration so as not to fall foul of an ubuntu upgrade at a later date. Just use command
$ sudo gedit /etc/rsyslog.d/99-fixlog.conf
and write the lines:
.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
restart rsyslog or reboot the computer.
Unfortunately, this also didn't work.
BUG IS STILL UNSOLVED IN Ubuntu 11.10.
Anybody knowing the solution can share with us!
