个人工具

“UbuntuHelp:Firestarter”的版本间的差异

来自Ubuntu中文

跳转至: 导航, 搜索
第2行: 第2行:
 
{{Languages|UbuntuHelp:Firestarter}}
 
{{Languages|UbuntuHelp:Firestarter}}
 
Parent: [[UbuntuHelp:Software]]
 
Parent: [[UbuntuHelp:Software]]
 
 
 
 
== Firestarter Firewall Configuration ==
 
== Firestarter Firewall Configuration ==
 
 
Firestarter is an application for configuring your Ubuntu (GNU/Linux) firewall.
 
Firestarter is an application for configuring your Ubuntu (GNU/Linux) firewall.
 
 
 
== Key Features ==
 
== Key Features ==
 
 
* Suitable for use on desktops, servers and gateways
 
* Suitable for use on desktops, servers and gateways
 
* Enables Internet connection sharing
 
* Enables Internet connection sharing
第19行: 第12行:
 
* Real time firewall events view
 
* Real time firewall events view
 
* View active network connections, including any traffic routed through the firewall
 
* View active network connections, including any traffic routed through the firewall
 
 
 
== Screenshot ==
 
== Screenshot ==
 
 
https://help.ubuntu.com/community/Firestarter?action=AttachFile&do=get&target=scrn-firestarter.jpg
 
https://help.ubuntu.com/community/Firestarter?action=AttachFile&do=get&target=scrn-firestarter.jpg
 
<br>
 
<br>
 
https://help.ubuntu.com/community/Firestarter?action=AttachFile&do=get&target=scrn-firestarter-prefs.jpg
 
https://help.ubuntu.com/community/Firestarter?action=AttachFile&do=get&target=scrn-firestarter-prefs.jpg
 
 
 
== Installation ==
 
== Installation ==
 
 
* Via '''[[UbuntuHelp:Synaptic|Synaptic Package Manager]]'''
 
* Via '''[[UbuntuHelp:Synaptic|Synaptic Package Manager]]'''
 
* Via apt-get
 
* Via apt-get
第35行: 第22行:
 
sudo apt-get install firestarter
 
sudo apt-get install firestarter
 
</nowiki></pre>
 
</nowiki></pre>
 
 
 
== Hints and Tips ==
 
== Hints and Tips ==
 
 
=== Initial settings ===
 
=== Initial settings ===
 
 
Go under Edit -> Preferences
 
Go under Edit -> Preferences
 
 
'''Interface tab'''
 
'''Interface tab'''
 
*Tic off "Enable tray icon" and "Minimize to tray on window close".
 
*Tic off "Enable tray icon" and "Minimize to tray on window close".
 
*'''Your firewall will be active when you boot regardless of if you choose to activate the tray icon or not'''.
 
*'''Your firewall will be active when you boot regardless of if you choose to activate the tray icon or not'''.
 
 
'''Policy tab (under Interface)'''
 
'''Policy tab (under Interface)'''
 
*Tic off the "Apply policy changes immediately".
 
*Tic off the "Apply policy changes immediately".
 
 
'''Network Settings'''
 
'''Network Settings'''
 
*Select your interface
 
*Select your interface
 
 
'''ICMP Filterings'''
 
'''ICMP Filterings'''
 
*Select "Enable ICMP filtering".
 
*Select "Enable ICMP filtering".
 
*I advise you tic off (enable) "Echo request (ping) and "Echo reply (pong).
 
*I advise you tic off (enable) "Echo request (ping) and "Echo reply (pong).
 
**If you do not you will need to enable them if desired for network connection testing/troubleshooting.
 
**If you do not you will need to enable them if desired for network connection testing/troubleshooting.
 
 
=== Main window ===
 
=== Main window ===
 
 
You have three tabs :
 
You have three tabs :
 
 
'''Status window''' Shows general information.
 
'''Status window''' Shows general information.
 
 
To disable your firewall Firewall -> Stop firewall
 
To disable your firewall Firewall -> Stop firewall
 
 
To re-enable Firewall -> Start firewall
 
To re-enable Firewall -> Start firewall
 
 
 
'''Events''' This window will show blocked events.
 
'''Events''' This window will show blocked events.
 
*To allow a blocked connection, select the blocked connection, right click and select from the pull down menu.
 
*To allow a blocked connection, select the blocked connection, right click and select from the pull down menu.
 
 
 
'''Policy'''
 
'''Policy'''
 
This is where you can set and review connection policies. This view is split, the upper view is for ''Hosts'' and the lower window is for ''Services'' aka Ports.
 
This is where you can set and review connection policies. This view is split, the upper view is for ''Hosts'' and the lower window is for ''Services'' aka Ports.
 
 
To '''make a new policy''', right click in either window and choose "Add rule" from the pull down menu.
 
To '''make a new policy''', right click in either window and choose "Add rule" from the pull down menu.
 
*To enable your LAN, use something like 192.168.1.1/24
 
*To enable your LAN, use something like 192.168.1.1/24
 
 
To '''edit an existing policy''' select the appropriate policy in the window, right click, and select "Remove Rule" to delete the policy and "Edit rule" to modify the policy.
 
To '''edit an existing policy''' select the appropriate policy in the window, right click, and select "Remove Rule" to delete the policy and "Edit rule" to modify the policy.
 
 
 
=== Troubleshooting ===
 
=== Troubleshooting ===
 
 
==== Network manager ====
 
==== Network manager ====
 
 
Apparently there is a conflict between Firestarter and Network manager.
 
Apparently there is a conflict between Firestarter and Network manager.
 
 
The "fix" is to edit ''/etc/firestarter/firestarter.sh''
 
The "fix" is to edit ''/etc/firestarter/firestarter.sh''
 
 
<pre><nowiki>
 
<pre><nowiki>
 
gksu gedit /etc/firestarter/firestarter.sh
 
gksu gedit /etc/firestarter/firestarter.sh
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Comment out :
 
Comment out :
 
 
<pre><nowiki>
 
<pre><nowiki>
 
if [ "$MASK" = "" -a "$1" != "stop" ]; then
 
if [ "$MASK" = "" -a "$1" != "stop" ]; then
第102行: 第62行:
 
fi
 
fi
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Lke this:  
 
Lke this:  
 
 
<pre><nowiki>
 
<pre><nowiki>
 
#if [ "$MASK" = "" -a "$1" != "stop" ]; then
 
#if [ "$MASK" = "" -a "$1" != "stop" ]; then
第111行: 第69行:
 
#fi
 
#fi
 
</nowiki></pre>
 
</nowiki></pre>
 
 
Save your changes and re-boot.
 
Save your changes and re-boot.
 
 
 
== Other applications you may wish to look at ==
 
== Other applications you may wish to look at ==
 
 
 
 
 
== Further Reading ==
 
== Further Reading ==
 
 
* '''[http://www.fs-security.com/ Firestarter]'''
 
* '''[http://www.fs-security.com/ Firestarter]'''
 
* '''[http://www.ubuntugeek.com/firestarter-firewall-for-your-ubuntu-desktop.html]'''
 
* '''[http://www.ubuntugeek.com/firestarter-firewall-for-your-ubuntu-desktop.html]'''
 
* '''[[UbuntuHelp:IptablesHowTo| Ubuntu wiki IptablesHowTo]]
 
* '''[[UbuntuHelp:IptablesHowTo| Ubuntu wiki IptablesHowTo]]
 
 
----
 
----
 
[[category:CategoryDocumentation]] [[category:CategorySoftware]]
 
[[category:CategoryDocumentation]] [[category:CategorySoftware]]
  
 
[[category:UbuntuHelp]]
 
[[category:UbuntuHelp]]

2007年11月30日 (五) 17:16的版本

Geographylogo.png 文章出处: 

https://help.ubuntu.com/community/Firestarter

Geographylogo.png 点击翻译: 

English

请不要直接编辑翻译本页,本页将定期与来源同步。

Parent: UbuntuHelp:Software

Firestarter Firewall Configuration

Firestarter is an application for configuring your Ubuntu (GNU/Linux) firewall.

Key Features

  • Suitable for use on desktops, servers and gateways
  • Enables Internet connection sharing
  • Allows you to define both inbound and outbound access policy
  • Wizard for easily configuring your firewall
  • Sets up DHCP for a local network
  • Real time firewall events view
  • View active network connections, including any traffic routed through the firewall

Screenshot

Firestarter?action=AttachFile&do=get&target=scrn-firestarter.jpg
Firestarter?action=AttachFile&do=get&target=scrn-firestarter-prefs.jpg

Installation

sudo apt-get install firestarter

Hints and Tips

Initial settings

Go under Edit -> Preferences Interface tab

  • Tic off "Enable tray icon" and "Minimize to tray on window close".
  • Your firewall will be active when you boot regardless of if you choose to activate the tray icon or not.

Policy tab (under Interface)

  • Tic off the "Apply policy changes immediately".

Network Settings

  • Select your interface

ICMP Filterings

  • Select "Enable ICMP filtering".
  • I advise you tic off (enable) "Echo request (ping) and "Echo reply (pong).
    • If you do not you will need to enable them if desired for network connection testing/troubleshooting.

Main window

You have three tabs : Status window Shows general information. To disable your firewall Firewall -> Stop firewall To re-enable Firewall -> Start firewall Events This window will show blocked events.

  • To allow a blocked connection, select the blocked connection, right click and select from the pull down menu.

Policy This is where you can set and review connection policies. This view is split, the upper view is for Hosts and the lower window is for Services aka Ports. To make a new policy, right click in either window and choose "Add rule" from the pull down menu.

  • To enable your LAN, use something like 192.168.1.1/24

To edit an existing policy select the appropriate policy in the window, right click, and select "Remove Rule" to delete the policy and "Edit rule" to modify the policy.

Troubleshooting

Network manager

Apparently there is a conflict between Firestarter and Network manager. The "fix" is to edit /etc/firestarter/firestarter.sh 

gksu gedit /etc/firestarter/firestarter.sh

Comment out : 

if [ "$MASK" = "" -a "$1" != "stop" ]; then
echo "External network device $IF is not ready. Aborting.."
exit 2
fi

Lke this: 

#if [ "$MASK" = "" -a "$1" != "stop" ]; then
#echo "External network device $IF is not ready. Aborting.."
#exit 2
#fi

Save your changes and re-boot.

Other applications you may wish to look at

Further Reading

取自“https://wiki.ubuntu.org.cn/index.php?title=UbuntuHelp:Firestarter&oldid=37030