I installed Firestarter, and configured my firewall.
But I'm in doubt: on boot, I sometimes see a [FAIL] marker, and to the left, I guess it was something like "start firewall". I can't be sure because the message is seen for less than a second, so I wanted to know if there is a way, without starting the whole firestarter software, to know if the firewall is on and working, or not.
Either a gadget, or better, some console instruction, the exact name of the firewall process/daemon, or bash script, will do.
Edit: I already tested my computer with the "Shield's Up" http://www.grc.com feature, which marks my computer as "Stealth", but as I am behind a router, I'm not surprised. Still, apparently, my computer answers to pings... Strange...
There are basically 2 ways of seeing if the firewall is configured. You should use both of the methods and verify that the firewall is both configured and configured the way you wish it to be.
First, check that the firewall rules have been applied. Pretty much all modern Linux firewall solutions use iptables for the firewall. You can see that there are rules in place with the iptables command:
This will return the current set of rules. There can be a few rules in the set even if your firewall rules haven't been applied. Just look for lines that match your given rulesets. This will give you an idea of what rules have been entered to the system. This doesn't guarantee the validity of the rules, only that they have been understood.
Next, you will use a second computer to test for connections against the host in question. This can be easily done with the nmap command (found in the nmap package). A quick and dirty way of checking is:
Replace the IP address 10.0.0.10 with your destination host's IP address.
The first line will scan for TCP ports that are open and available from the second computer. The second line will repeat the scan but this time with UDP ports. The -P0 flag will prevent the host from being tested with an ICMP Echo packet, but might be blocked by your firewall rules.
The scan might take a while so be patient. There is also a GUI frontend for nmap called zenmap which makes it a bit easier to interpret the scan results if there is a lot of output.
You can use this command:
To check Firewall status use command:
To enable the firewall use command:
To disable the firewall use command:
First of all, you can review the syslog for any error messages from services with sudo less /var/log/syslog. That may give you a clue as to why the firestarter service didn't start.
You can manipulate services with the service command. To check whether a service runs, use service [service_name] status. In your case, I guess service_name is just firestarter. You can use tab-completion to get a list of available services (service TAB TAB), or take a look at the contents of directory /etc/init.d (every file is a script to manage a service).
Ubuntu has its own firewall system, called Uncomplicated Firewall (ufw). Maybe it's easier to use that one within Ubuntu. If you install the package gufw, you can access the configuration in System -> Administration -> Firewall configuration.
The iptables command mentioned above works on any Linux system. All Linux firewall configuration tools (like ufw, firestarter, and many others) are basically front-ends to iptables.
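The rule check described in the first answer, as an added example that is not part of the original answers: a shell function that reads an `iptables -S` listing (filter table) and reports whether anything is actually filtering, since a listing with only default ACCEPT policies means no firewall rules were applied. The function names and the two sample listings are constructed for illustration.

```shell
#!/bin/sh
# Classify an `iptables -S` listing read from stdin. Prints one word:
#   empty     - no policy or rule lines (wrong input, or the command failed)
#   open      - only default ACCEPT policies and no rules: nothing is filtered
#   filtering - at least one -A rule or a non-ACCEPT chain policy is present
firewall_state() {
    awk '
        $1 == "-P" { policies++; if ($3 != "ACCEPT") strict++ }
        $1 == "-A" { rules++ }
        END {
            if (policies + rules == 0)    print "empty"
            else if (rules + strict == 0) print "open"
            else                          print "filtering"
        }'
}

# Count the rules appended to one chain (for example INPUT).
chain_rule_count() {
    awk -v chain="$1" '$1 == "-A" && $2 == chain { n++ } END { print n + 0 }'
}

# Constructed sample: what a host looks like when the firewall never started.
sample_unconfigured() { cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
EOF
}

# Constructed sample: a default-deny ruleset that still answers pings.
sample_configured() { cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
EOF
}

printf 'unconfigured: %s\n' "$(sample_unconfigured | firewall_state)"
printf 'configured:   %s (%s INPUT rules)\n' \
    "$(sample_configured | firewall_state)" \
    "$(sample_configured | chain_rule_count INPUT)"
```

On a live system, pipe the real listing in with `sudo iptables -S | firewall_state`; a result of `open` after boot matches the [FAIL] symptom from the question.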