Firestarter v. 1.0.3 firewall Mini Howto for linux. (I am using ubuntu 7.04 and kde) :-) Back to Main Page
This is a very short version, and if you want to know more, go to the Internet etc.
This howto is without any guarantee, and you may use it on your own responsibility only.
There may be errors, but I do not want to use too much time to write this howto.
To check specific words you may try: http://en.wikipedia.org/wiki/Main_Page (search).
Firestarter is a simple firewall, the purpose of which is to make your computer invincible to other people on the Internet.
If no ports are open to incoming data from the Internet, no data can
get in to your computer (a port is comparable with a door in a house,
but
only for data to pass through - there are many thousands ports available).
When you connect to the Internet, and send data to a foreign
website in order to ask for some data, e.g. a webpage or an email etc,
your
computer is always allowed to send data through the firewall and out
onto the Internet, and data which you have thus requested is allowed to
pass back to you through the firewall, all taken care of automatically by the system.
You can however open one or more ports, so data can be sent to you,
without you asking for it, but when the firewall is new installed,
all ports
are by default closed from the outside (the Internet).
Normally the firewall will take care of itself after installation, automatically start at boot time -and close at shutdown.
The only setup you might want to do, is to open one or more ports to
traffic coming from the Internet, when certain programs needs it.
Install "Firestarter" with Synaptic.
Choose K-menu - System - Firestarter:
As shown (above), choose the default values during the wizard set-up if
in doubt of what to select - now just click the "Forward" button and
the
"Network device setup" dialog will show up (see below):
Detected device (see above): Firestarter will detect your network connection automatically (here eth0)
Start the firewall on dial-out: Selected
IP address is assigned via DHCP: Selected
Then click the "Forward" button:
Internet Connection Sharing Setup (above): Leave as is - click the "Forward" button:
Ready to start your firewall (above): Leave as above and then click the "Save" button.
Now Firestarter is started and running.
You can run this setup wizard any time you like, just open Firestarter and choose: Firestarter - Firewall - Run Wizard
To close the Firestarter interface choose: Firestarter - Firewall -
Quit (and then Firestarter is running in the background, without
you seeing it).
If you want to open port 22, open a shell konsole and write the
following on the command line to start the program interface:
$ sudo firestarter
The Firestarter graphical interface opens up (see below):
Choose the "Policy" tab (see above).
The Policy dialog is shown (below):
Editing (see above): Choose "Inbound traffic policy".
Then right click in the small white area under "Allow service | Port | For" and select "+ Add Rule" (see below):
The "Add new inbound rule" dialog opens up (see below)
Write the number of the port, you want to be opened for inbound traffic
in the "Port" insert area - "22" - (see above), and the Name "SSH"
will
automatically be filled (from the list with ready made names - downward
showing black triangle list - certain port numbers are defaults).
Then click on the "+ Add" button, and port 22 is from now on opened for inward traffic (see below):
Now data from the Internet is allowed to pass through port 22 into the computer.
To remove port 22 again, select the line with the number (leftclick on
22 - makes the line blue) - then right click on the blue line and
select
"- Remove Rule" and click this (see below):
You may open as many ports as you like, but it is a security risk
for your computer, as some "bad people" can infect your system.
9/2007