Vitaliy Guru
Joined: 06 Apr 2004 Posts: 451 Location: Brooklyn, NY
Posted: Mon Dec 12, 2005 11:24 pm Post subject: Problem with Firestarter
I have compiled net-firewall/firestarter-1.0.3, it starts up with no errors and everything appears to be just fine.
I clicked on the Policy tab and under 'Inbound traffic policy' I went down to the 'Allow service' section; I just wanted to test it out with something basic. I added HTTP on port 80 for everyone and started the service. In 'Outbound traffic policy' I have it set as 'Permissive by default, blacklist traffic'. For now, ICMP and ToS filtering are disabled in the Preferences. Also, the right device is selected.
The thing is, it blocks absolutely ALL traffic, including HTTP on port 80 until I add a website to 'Allow connections from host' section. That is simply unusable, I would like to allow traffic both ways for HTTP - how would I go about this?
During use I also noticed this message in the terminal (started Firestarter in the terminal to observe the output):
Code:
Try `iptables -h' or 'iptables --help' for more information.
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
iptables v1.3.4: Couldn't load target `LSI':/lib/iptables/libipt_LSI.so: cannot open shared object file: No such file or directory
goofus Apprentice
Joined: 19 Nov 2004 Posts: 180
Posted: Fri May 05, 2006 12:10 pm
Same problem here. I am trying to find out what is wrong in my kernel config. :/
Aurisor Guru
Joined: 20 Sep 2003 Posts: 361 Location: Boston MA
Posted: Fri May 05, 2006 1:14 pm
Did you emerge iptables? Did you compile iptables support into your kernel? Check firestarter to see exactly what kernel options it requires (there are a few) and what version of iptables it requires.
e-dust n00b
Joined: 03 Sep 2005 Posts: 28
Posted: Wed May 10, 2006 4:06 am
Same problem here... I followed the kernel setup guide at Firestarter's site and enabled almost everything (as modules).
http://www.fs-security.com/docs/kernel.php
Made the additional changes that iptables from 2.6.16 requires too, without success. The firewall blocks everything and outputs
Code:
iptables: No chain/target/match by that name
ishan: What functionality does the iptables package provide?
goofus Apprentice
Joined: 19 Nov 2004 Posts: 180
Posted: Wed May 10, 2006 1:19 pm
I fixed it.
I just enabled a lot of the filter modules in the kernel.
e-dust n00b
Joined: 03 Sep 2005 Posts: 28
Posted: Wed May 10, 2006 2:18 pm
Good for you, goofus... can you be more specific about which modules you compiled?
e-dust n00b
Joined: 03 Sep 2005 Posts: 28
Posted: Wed May 10, 2006 2:42 pm
Did compile, as goofus mentioned, most of the things in xtables as modules. This solved the issue, but it is still like a black box for me. However, it works!
goofus Apprentice
Joined: 19 Nov 2004 Posts: 180
Posted: Fri May 12, 2006 12:28 pm
I can't remember what it was. I just enabled more and more until it worked, since it is too time consuming to always remount boot and reboot the system to test it out, sorry.
e-dust n00b
Joined: 03 Sep 2005 Posts: 28
Posted: Fri May 12, 2006 2:45 pm
Actually, it doesn't matter as long as you compile everything as modules. Only the necessary things should be probed... and Firestarter seems to like it that way. I guess we both have funnier things to do
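
Rather than enabling options and rebooting until the "No chain/target/match by that name" errors stop, the kernel configuration can be checked directly. The script below is an added example, not part of the thread or of Firestarter; the symbol list is an assumed sample of 2.6.16-era netfilter options (not Firestarter's documented requirements) and the .config contents are constructed.

```shell
#!/bin/sh
# Added example: report how netfilter options are set in a kernel .config.
# Assumption: this symbol list is a sample of 2.6.16-era options, not
# Firestarter's documented requirements. Adjust it to the guide you follow.
NF_SYMBOLS="CONFIG_NETFILTER CONFIG_NETFILTER_XTABLES CONFIG_IP_NF_IPTABLES
CONFIG_IP_NF_FILTER CONFIG_IP_NF_CONNTRACK CONFIG_NETFILTER_XT_MATCH_STATE
CONFIG_NETFILTER_XT_MATCH_LIMIT CONFIG_IP_NF_TARGET_LOG CONFIG_IP_NF_TARGET_REJECT"

# Constructed sample .config: basic filtering is present, but the state
# match and the LOG target were left out.
sample_config() {
cat <<'EOF'
CONFIG_NETFILTER=y
CONFIG_NETFILTER_XTABLES=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_CONNTRACK=m
# CONFIG_NETFILTER_XT_MATCH_STATE is not set
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
# CONFIG_IP_NF_TARGET_LOG is not set
CONFIG_IP_NF_TARGET_REJECT=m
EOF
}

# nf_state CONFIG_FILE SYMBOL: prints builtin, module or missing.
nf_state() {
    if grep -q "^$2=y\$" "$1"; then echo builtin
    elif grep -q "^$2=m\$" "$1"; then echo module
    else echo missing
    fi
}

# nf_missing CONFIG_FILE: prints the unset symbols on one line.
nf_missing() {
    out=""
    for sym in $NF_SYMBOLS; do
        if [ "$(nf_state "$1" "$sym")" = missing ]; then
            out="$out${out:+ }$sym"
        fi
    done
    echo "$out"
}

tmp=$(mktemp)
sample_config > "$tmp"
echo "missing: $(nf_missing "$tmp")"
rm -f "$tmp"
```

On a real system, pass /usr/src/linux/.config instead of the sample, or the output of `zcat /proc/config.gz` saved to a file if the kernel was built with CONFIG_IKCONFIG_PROC.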