Firestarter

[tmo318]

I have firestarter installed to start my firewall and I have a couple of questions. How do I get it to start at boot? Right now after I log in, I have to open a console log is as root and then start firestarter. Also when I start firestarter I get a error that reads:

Failed to open system log

No realtime hit information will be available. Please make sure the syslog daemon is running.

I installed Metalog during the install as per the install guide and it starts up at boot. How do I get firestarter to see Metalog and use it?

Thanks
Tim

[tmo318]

Can someone help me with this?

Thanks

Tim

[pilla]

for gentoo, you usually will have a script in /etc/init.d for daemons. To start at boot time, just add it to the boot level (see Gentoo Linux init system)

[eyevee99]

Firestarter doesn't appear to have an init.d script.

[splooge]

After you apply the iptables configuration in the console, save it like this:

/etc/init.d/iptables save

Then do a:

rc-update add iptables default

As for your metalog issue ... I dunno, never used metalog.

[tmo318]

Thank You

I now how my firewall start on log in. As for Metalog I will probably will not look at the log anyway.

Thanks

Tim

[eyevee99]

I believe that the firestarter ebuild is not running the ./postinstall script.

According to the firestarter website this script is what installs the init.d script and the ability to run firestarter as a non root user.

Any ideas on why this isn't being run (or why it isn't working if it is being run?). I'm really keen to get firestarter completely setup so I can have my box fully stealthed like it was under windows with Kerio (tiny) Personal Firewall.

:)


Also, I get the following issues as well

[tmo318]

I ran firestarter and did the /etc/init.d/iptables save

rc-update add iptables default

It would start the firewall but it would not start NAT. Now this is what I did to get the firewall going with NAT.

as root

ln -s /etc/firestarter/firewall.sh /etc/init.d/

rc-update add firewall.sh default

Now the firewall starts and NAT works. When I got to http://scan.sygate.com/ all my ports are blocked. I this do not know how to get Metalog to work though.

[splooge]

Just an FYI

I am going to assume (yes, I know) that the issue is that iptables save doesn't do this:

echo 1 > /proc/sys/net/ipv4/ip_forward

you can change/add this in your /etc/sysctl.conf file

[eyevee99]

Strangely connection sharing no longer works either.

If I have no iptables and no firestarter running. Connection sharing doesn't work. ie Remote machine can't access the net. It hasn't changed and was working fine last night.

If I run iptables, no connection sharing

If I run firestarter, even with connection sharing enabled, no connection sharing.

I'm stumped.

[StinkingMonkey]

Answer to the Metalog problem can be found here

https://forums.gentoo.org/viewtopic.php?t=59506&highlight=firestarter

also to get it starting at boot, add the following line to /etc/conf.d/local.start

/usr/bin/firestarter -s

Also in reply to the /.postinstall aspect of firestarter i suspect the reason why gentoo doesnt use it is that it wont complile, well at least it wont on mine, reason > doesnt recognise kernel .. my kernel = gentoo-sources 2.4.20-r5