Thread: [Firestarter-user] Query about firestarter and IPV6
Brought to you by:
majix
From: Bret B. <bre...@gm...> - 2012-02-28 19:14:42
|
Hello. I have tonight found the message below, on a local Linux User Group (PLUG) mailing list. I ask whether any implications arise, involving firestarter. Would we have to reinstall/reconfigure our installations of firestarter, upon the implementation of IPV6, and, is firestarter compatible with IPV6? Thank you in anticipation. -- Bret Busby Armadale West Australia .............. "So once you do know what the question actually is, you'll know what the answer means." - Deep Thought, Chapter 28 of Book 1 of "The Hitchhiker's Guide to the Galaxy: A Trilogy In Four Parts", written by Douglas Adams, published by Pan Books, 1992 .................................................... Hi all, Some of us might be getting IPv6 this year so I though to prepare myself for when the time it right. What I found out was that IPv6 does not support NAT which shocked me initially. I really like the separation of an internal and external network. It allowed me to configure my internal firewall to allow access to all machines on the internal network by simply specifying 192.168.1.0/24 for example. Using NAT on my router also provided me with added security as I could map specific protocols to specific computers on the internal network. The fact that the internet was running out of addresses was really secondary in my thoughts as all I needed was a single IP address. No with IPv6 on the horizon this is all about to change. I was wondering since several of the plug services already support IPv6 if anybody could give me some suggestion on how to deal with this ? Will I need to setup a firewall around each and every device on my network ? Since each of them has an "external" address what is preventing anybody from accessing it if it didn't have a firewall. In particular: How can I identify all internal devices, do I have to list them individually ? Is this done with the prefix ? My router allows me to set a prefix for internal devices which get their address from it using DHCP ? What is preventing me from picking the same prefix as somebody else and how is this handled ? If my local DHCP server is offering IPv6 addresses how are conflicts handled ? Is it possible to use a personalised scheme in the address. For example each machines in a given building (99) use a specific range (192.168.99.x). (Not that I have building, just in theory). .................................................... |
From: <web...@au...> - 2012-02-28 21:13:07
|
Bret, Firestarter has been abandoned for ages. I suggest you swap to iptables and ip6tables for your needs. Cheers, David Quoting Bret Busby <bre...@gm...>: > Hello. > > I have tonight found the message below, on a local Linux User Group > (PLUG) mailing list. > > I ask whether any implications arise, involving firestarter. > > Would we have to reinstall/reconfigure our installations of > firestarter, upon the implementation of IPV6, and, is firestarter > compatible with IPV6? > > Thank you in anticipation. > > -- > Bret Busby > Armadale > West Australia > .............. > > "So once you do know what the question actually is, > you'll know what the answer means." > - Deep Thought, > Chapter 28 of Book 1 of > "The Hitchhiker's Guide to the Galaxy: > A Trilogy In Four Parts", > written by Douglas Adams, > published by Pan Books, 1992 > > .................................................... > > Hi all, > > Some of us might be getting IPv6 this year so I though to prepare > myself for when the time it right. What I found out was that IPv6 does > not support NAT which shocked me initially. I really like the > separation of an internal and external network. It allowed me to > configure my internal firewall to allow access to all machines on the > internal network by simply specifying 192.168.1.0/24 for example. > Using NAT on my router also provided me with added security as I could > map specific protocols to specific computers on the internal network. > The fact that the internet was running out of addresses was really > secondary in my thoughts as all I needed was a single IP address. > > No with IPv6 on the horizon this is all about to change. I was > wondering since several of the plug services already support IPv6 if > anybody could give me some suggestion on how to deal with this ? > > Will I need to setup a firewall around each and every device on my > network ? Since each of them has an "external" address what is > preventing anybody from accessing it if it didn't have a firewall. > > In particular: > How can I identify all internal devices, do I have to list them > individually ? Is this done with the prefix ? > > My router allows me to set a prefix for internal devices which get > their address from it using DHCP ? What is preventing me from picking > the same prefix as somebody else and how is this handled ? > > If my local DHCP server is offering IPv6 addresses how are conflicts > handled ? > > Is it possible to use a personalised scheme in the address. For > example each machines in a given building (99) use a specific range > (192.168.99.x). (Not that I have building, just in theory). > .................................................... > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > Firestarter-user mailing list > To unsubscribe, visit > https://lists.sourceforge.net/lists/listinfo/firestarter-user > |
From: Bret B. <bre...@gm...> - 2012-02-29 04:17:13
|
On 29/02/2012, web...@au... <web...@au...> wrote: > Bret, > > Firestarter has been abandoned for ages. If that is the case, then it is quite unfortunate. Due to a number of reasons, when I lost my firewall/gateway server that had been running Smoothwall Express, early last year, as I had posted on this list, I went through a bit of trouble, and, with assistance, managed to get firestarter up and running at about the start of April last year, and have been running it since. If what you have said is correct, that means, with all of the other difficulties in life, I now have to start again from scratch, and install and set up and try to get working, another firewall/gateway system. Just when we start to think that we have a chance to get out of the mire, something else drags us back down. Several years ago, before I started using Smoothwall Express, I had been using an iptables script that had been set up by a local Linux User, but it was complicated and I could not update or maintain the script, due to its complexity. Then, along came Smoothwall Express, which seemed okay to install and set up, but (it was, I think, Smoothwall Express 2) I could never figure out how to update it. When my firewall/gateway computer that I had been using, failed, I could not get Smoothwall Express 3 working, and found a lack of support. So, I searched and found firestarter. With (I believe) much assistance from Mark Wise, who I assumed to have been the developer, or, if not, a very helpful and knowledgeable person regarding firestarter, I got the firestarter computer up and running, and it has been working away, for the last (almost) year, since the start of April last year. If firewall has indeed been abandoned, then, I think, it is definitely a "Woe is me" situation. I have just searcher for, and, found, the web site at http://www.fs-security.com/ , which apparently shows the developer of firestarter to be Tomas Junnonen ("Firestarter and all the contents on this page are © 2000-2007 Tomas Junnonen."). That web page, being the home page for the firestarter web site, does not include mention of Firestarter having been abandoned. The web page at http://en.wikipedia.org/wiki/Firestarter_(firewall) shows the status of Firestarter to be discontinued, so I will investigate this further. So, I have now sent an email message to Tomas Junnonen, asking for clarification of the status of Firestarter. -- Bret Busby Armadale West Australia .............. "So once you do know what the question actually is, you'll know what the answer means." - Deep Thought, Chapter 28 of Book 1 of "The Hitchhiker's Guide to the Galaxy: A Trilogy In Four Parts", written by Douglas Adams, published by Pan Books, 1992 .................................................... |
From: David C. <web...@au...> - 2012-02-29 04:30:44
|
It's abandoned fedora dropped firestarter back with either fc12 or 13. As its fc16 now your talking years and years ago. Just as other distros continue to supply it, redhat and fedora dropped it as it is not ipv6 and its been untouched for many years. Cheers, David Sent from my iPhone On 29/02/2012, at 15:17, Bret Busby <bre...@gm...> wrote: > On 29/02/2012, web...@au... <web...@au...> wrote: >> Bret, >> >> Firestarter has been abandoned for ages. > > If that is the case, then it is quite unfortunate. > > Due to a number of reasons, when I lost my firewall/gateway server > that had been running Smoothwall Express, early last year, as I had > posted on this list, I went through a bit of trouble, and, with > assistance, managed to get firestarter up and running at about the > start of April last year, and have been running it since. > > If what you have said is correct, that means, with all of the other > difficulties in life, I now have to start again from scratch, and > install and set up and try to get working, another firewall/gateway > system. > > Just when we start to think that we have a chance to get out of the > mire, something else drags us back down. > > Several years ago, before I started using Smoothwall Express, I had > been using an iptables script that had been set up by a local Linux > User, but it was complicated and I could not update or maintain the > script, due to its complexity. Then, along came Smoothwall Express, > which seemed okay to install and set up, but (it was, I think, > Smoothwall Express 2) I could never figure out how to update it. When > my firewall/gateway computer that I had been using, failed, I could > not get Smoothwall Express 3 working, and found a lack of support. So, > I searched and found firestarter. > > With (I believe) much assistance from Mark Wise, who I assumed to have > been the developer, or, if not, a very helpful and knowledgeable > person regarding firestarter, I got the firestarter computer up and > running, and it has been working away, for the last (almost) year, > since the start of April last year. > > If firewall has indeed been abandoned, then, I think, it is definitely > a "Woe is me" situation. > > I have just searcher for, and, found, the web site at > http://www.fs-security.com/ , which apparently shows the developer of > firestarter to be Tomas Junnonen > ("Firestarter and all the contents on this page are © 2000-2007 Tomas > Junnonen."). > > That web page, being the home page for the firestarter web site, does > not include mention of Firestarter having been abandoned. > > The web page at http://en.wikipedia.org/wiki/Firestarter_(firewall) > shows the status of Firestarter to be discontinued, so I will > investigate this further. > > So, I have now sent an email message to Tomas Junnonen, asking for > clarification of the status of Firestarter. > > -- > Bret Busby > Armadale > West Australia > .............. > > "So once you do know what the question actually is, > you'll know what the answer means." > - Deep Thought, > Chapter 28 of Book 1 of > "The Hitchhiker's Guide to the Galaxy: > A Trilogy In Four Parts", > written by Douglas Adams, > published by Pan Books, 1992 > > .................................................... > > ------------------------------------------------------------------------------ > Virtualization & Cloud Management Using Capacity Planning > Cloud computing makes use of virtualization - but cloud computing > also focuses on allowing computing to be delivered as a service. > http://www.accelacomm.com/jaw/sfnl/114/51521223/ > _______________________________________________ > Firestarter-user mailing list > To unsubscribe, visit https://lists.sourceforge.net/lists/listinfo/firestarter-user |
From: David C. <web...@au...> - 2012-02-29 07:53:37
|
Here Bret this is off Ubuntu forums saying don't use it as its dead - unmaintained. http://ubuntuforums.org/archive/index.php/t-1416373.html Sent from my iPhone On 29/02/2012, at 15:17, Bret Busby <bre...@gm...> wrote: > On 29/02/2012, web...@au... <web...@au...> wrote: >> Bret, >> >> Firestarter has been abandoned for ages. > > If that is the case, then it is quite unfortunate. > > Due to a number of reasons, when I lost my firewall/gateway server > that had been running Smoothwall Express, early last year, as I had > posted on this list, I went through a bit of trouble, and, with > assistance, managed to get firestarter up and running at about the > start of April last year, and have been running it since. > > If what you have said is correct, that means, with all of the other > difficulties in life, I now have to start again from scratch, and > install and set up and try to get working, another firewall/gateway > system. > > Just when we start to think that we have a chance to get out of the > mire, something else drags us back down. > > Several years ago, before I started using Smoothwall Express, I had > been using an iptables script that had been set up by a local Linux > User, but it was complicated and I could not update or maintain the > script, due to its complexity. Then, along came Smoothwall Express, > which seemed okay to install and set up, but (it was, I think, > Smoothwall Express 2) I could never figure out how to update it. When > my firewall/gateway computer that I had been using, failed, I could > not get Smoothwall Express 3 working, and found a lack of support. So, > I searched and found firestarter. > > With (I believe) much assistance from Mark Wise, who I assumed to have > been the developer, or, if not, a very helpful and knowledgeable > person regarding firestarter, I got the firestarter computer up and > running, and it has been working away, for the last (almost) year, > since the start of April last year. > > If firewall has indeed been abandoned, then, I think, it is definitely > a "Woe is me" situation. > > I have just searcher for, and, found, the web site at > http://www.fs-security.com/ , which apparently shows the developer of > firestarter to be Tomas Junnonen > ("Firestarter and all the contents on this page are © 2000-2007 Tomas > Junnonen."). > > That web page, being the home page for the firestarter web site, does > not include mention of Firestarter having been abandoned. > > The web page at http://en.wikipedia.org/wiki/Firestarter_(firewall) > shows the status of Firestarter to be discontinued, so I will > investigate this further. > > So, I have now sent an email message to Tomas Junnonen, asking for > clarification of the status of Firestarter. > > -- > Bret Busby > Armadale > West Australia > .............. > > "So once you do know what the question actually is, > you'll know what the answer means." > - Deep Thought, > Chapter 28 of Book 1 of > "The Hitchhiker's Guide to the Galaxy: > A Trilogy In Four Parts", > written by Douglas Adams, > published by Pan Books, 1992 > > .................................................... > > ------------------------------------------------------------------------------ > Virtualization & Cloud Management Using Capacity Planning > Cloud computing makes use of virtualization - but cloud computing > also focuses on allowing computing to be delivered as a service. > http://www.accelacomm.com/jaw/sfnl/114/51521223/ > _______________________________________________ > Firestarter-user mailing list > To unsubscribe, visit https://lists.sourceforge.net/lists/listinfo/firestarter-user |