[Firestarter-user] Re: Firestarter 0.9.1 and Slackware 8.1
From: Michael S. -M. Bones.- <mst...@co...> - 2003-02-19 02:39:47
Just for completion: This turns out to be a bug, which is probably well
known to everyone but me, in firestarter 0.9.0. I upgraded to 0.9.1 (+ the
gcc2 patch) and all the ports now come up blocked like they should.

I think the problem is in this line, from the 0.9.0 generated firewall.sh
file:

    $IPT -I STATE -m state --state NEW -i ! lo -j ACCEPT

0.9.1 generates:

    $IPT -I STATE -m state --state NEW -i ! lo -j $STOP

instead, which to my untrained eye, looks like the right thing to do. I
think that says to $STOP any new connections that aren't on the loopback
interface.

Michael Sterrett
  -Mr. Bones.-
mic...@co...

On Wed, 12 Feb 2003, Greg Julius wrote:

> Hummmmm, I see said the blind man....
>
> <Before I forget, just send to the list. Otherwise I'm getting two copies
> of each of your posts. Thanks,>
>
> Um, Mine is very different. What version are you running? I'm running the
> 0.9.1 version for Gnome2.
>
> > On Wed, 12 Feb 2003, Greg Julius wrote:
> >
> > > I'm running firestarter on my gateway box and doing NAT to my internal
> > > network. working great. I also have run the browser from the gateway
> > > and the internal PC and against both security websites. No holes found.
> > >
> > > -g
> > > Who? Me?
> > > I'm not here.
> > >
> > > At 05:26 PM 2/12/03, you wrote:
> > > > Are you running a NAT box between you and the internet?
> > > >
> > > > I have firestarter running the box sitting on the internet, but it's
> > > > doing NAT for the rest of my network. I think this is a difference in
> > > > our setups and could be the reason I show open ports on the stealth
> > > > scan. The ports that show up as open are *not* open on the firewall
> > > > box but are definitely open on the box inside the firewall, where I'm
> > > > running my browser.
> > > >
> > > > Michael Sterrett
> > > >   -Mr. Bones.-
> > > > mic...@co...
> > > >
> > > > On Wed, 12 Feb 2003, Greg Julius wrote:
> > > >
> > > > > I'm running a very vanilla firestarter setup. No extra rules just
> > > > > straight out of the wizard.
> > > > >
> > > > > I have used both http://scan.sygate.com/stealthscan.html &
> > > > > http://scan.sygate.com/stealthscan.html and had them both come up
> > > > > fully stealthed/blocked.
> > > > >
> > > > > -g
> > > > >
> > > > > At 04:39 PM 2/12/03, you wrote:
> > > > > > Hmmm, interesting.
> > > > > >
> > > > > > I hadn't tried that firewall testing site before and so I tried
> > > > > > it on my box. The quick scan shows up nothing, but the stealth
> > > > > > scan shows open ports. Notably, the ports that I have open on the
> > > > > > box sitting behind my firestarter firewalled NAT box.
> > > > > >
> > > > > > This is definitely a concern.
> > > > > >
> > > > > > Tomas - can you take a look at
> > > > > > http://scan.sygate.com/stealthscan.html and see if there is a
> > > > > > flaw in firestarter that would allow penetration of the firewall
> > > > > > to access hosts behind the firewall and comment on this please?
> > > > > >
> > > > > > Thanks,
> > > > > >
> > > > > > Michael Sterrett
> > > > > >   -Mr. Bones.-
> > > > > > mic...@co...
> > > > > >
> > > > > > On Wed, 12 Feb 2003, Martijn Brouwer wrote:
> > > > > >
> > > > > > > If you are unsure about your firewall config and want to test
> > > > > > > it, try scan.sygatetech.com
> > > > > > >
> > > > > > > Bye,
> > > > > > >
> > > > > > > Martijn
> > > > > > >
> > > > > > > On Wed, 12 Feb 2003 19:08:50 +0100
> > > > > > > Luca Rosellini <luc...@li...> wrote:
> > > > > > >
> > > > > > > > Hello, I am new to Firestarter and to linux packet filtering.
> > > > > > > > I successfully installed Gnome 2.2 and Firestarter 0.9.1 on
> > > > > > > > my Slackware 8.1 box.
> > > > > > > > I used the wizard to create my firewall and everything seems
> > > > > > > > to work perfectly. The problem is that in the Hit View I
> > > > > > > > don't get any entry.
> > > > > > > >
> > > > > > > > Using Mandrake 9 with the same configuration and browsing the
> > > > > > > > same sites I get lots of hits.
> > > > > > > >
> > > > > > > > Maybe I got problems with logging facilities on my system?
> > > > > > >
> > > > > > > -------------------------------------------------------
> > > > > > > This sf.net email is sponsored by:ThinkGeek
> > > > > > > Welcome to geek heaven.
> > > > > > > http://thinkgeek.com/sf
> > > > > > > _______________________________________________
> > > > > > > Firestarter-user mailing list
> > > > > > > Fir...@li...
> > > > > > > https://lists.sourceforge.net/lists/listinfo/firestarter-user
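
A check for the rule difference described in the message above, as an added example that is not part of the original post or of Firestarter: it scans a generated firewall script for rules that ACCEPT state NEW traffic on every interface except loopback. The function name, the sample script and `STOP=DROP` are assumptions; the match also covers the `! -i lo` spelling used by later iptables releases.

```shell
#!/bin/sh
# Added example (not Firestarter code): flag iptables rules in a generated
# firewall script that ACCEPT state NEW traffic on all non-loopback interfaces.

# find_open_new_rules FILE  (hypothetical helper name)
# Prints "LINENO: rule" for each match; exit status is 1 if any rule matched.
find_open_new_rules() {
    awk '
        /^[[:space:]]*#/ { next }            # ignore comment lines
        {
            is_new = 0; not_lo = 0; accept = 0
            for (i = 1; i <= NF; i++) {
                if ($i == "--state") {       # value may be a list: NEW,RELATED
                    n = split($(i + 1), st, ",")
                    for (j = 1; j <= n; j++) if (st[j] == "NEW") is_new = 1
                }
                # Negated loopback match: "-i ! lo" (form quoted in the thread)
                # or "! -i lo" (form used by later iptables releases).
                if ($i == "-i" && $(i + 1) == "!" && $(i + 2) == "lo") not_lo = 1
                if ($i == "!" && $(i + 1) == "-i" && $(i + 2) == "lo") not_lo = 1
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            }
            if (is_new && not_lo && accept) { printf "%d: %s\n", NR, $0; hits++ }
        }
        END { exit (hits > 0 ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the two rules quoted in the message, placed in a small
# script. IPT and STOP=DROP are assumptions made for illustration.
sample=$(mktemp)
cat > "$sample" <<'EOF'
IPT=/sbin/iptables
STOP=DROP
# rule as generated by 0.9.0
$IPT -I STATE -m state --state NEW -i ! lo -j ACCEPT
# rule as generated by 0.9.1
$IPT -I STATE -m state --state NEW -i ! lo -j $STOP
EOF

find_open_new_rules "$sample" || echo "review the rules listed above"
rm -f "$sample"
```

Only the 0.9.0 form is reported; a rule whose target is a variable such as `$STOP` is not flagged, so the variable's value still needs checking by hand.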