[Bug 59647] Re: Firewall not persistent
This package has been removed from Ubuntu. Closing all related bugs. ** Changed in: firestarter (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/59647 Title: Firewall not persistent To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firestarter/+bug/59647/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
I stumbled across this bug because the firewall DOES seem to be persistent in the latest version (1.0.3-6ubuntu4). I installed Firestarter, setup a simple firewall, and now it is being applied whenever my wireless connection goes up or down (by NetworkManager, from /etc/network/if-up.d/50firestarter). This is NOT what I want, however. I only want to run the firewall when I explicitly start Firestarter. I only installed it because I wanted to monitor outgoing connections for something I was working on. I agree that it's a security risk if users think the firewall is persistent when it is not, however there needs to be an easy way to disable this persistence. Realistically, I only want a firewall to be activated when I am logging into a public wifi network or some other condition. It would be great if the activation of Firestarter could be tied into Network Manager so all this was automated somehow. -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
** Changed in: firestarter (Ubuntu) Status: New => Confirmed -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
** Changed in: firestarter (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) Status: Confirmed => New -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
Henry, I assume you're kinda new to linux, so I'll keep this simple. First, configure your firewall -- that is, you just have to start it the first time, that'll be ok. After you've done that, open a terminal window, and paste the following in it (without the quotes): "gksudo gedit /etc/firestarter/firestarter.sh". That will open you an editor window. Now, seek in there the following lines (probably line 33 in the file): -- echo "External network device $IF is not ready. Aborting.." exit 2 -- edit the second line so it becomes: -- echo "External network device $IF is not ready. Aborting.." # exit 2 -- Now seek these two lines (line 39 I think): -- echo "Internal network device $INIF is not ready. Aborting.." exit 3 -- edit the second one so that it becomes: -- echo "Internal network device $INIF is not ready. Aborting.." # exit 3 -- This will probably fix your problem and you'll have a running firewall. After doing this, you'll probably have to restart your computer. If you want to check whether your firewall is running, just do "sudo iptables -L -n" in a terminal. If it doesn't give you this (see below), and it returns many many lines of text, then it means the firewall is active. -- Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination -- Eduard -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
** Changed in: firestarter (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security) -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
great! how do you apply this patch? thanks -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
This whole bug is a race condition. The problem occurs when the computer does not have the time to setup its network interfaces, and the /etc/firestarter/firestarter.sh script is run during that period. I've got a (very) temporary solution (it worked for me) : 32,42c32,42 < if [ "$MASK" = "" -a "$1" != "stop" ]; then < echo "External network device $IF is not ready. Aborting.." < exit 2 < fi < < if [ "$NAT" = "on" ]; then < if [ "$INMASK" = "" -a "$1" != "stop" ]; then < echo "Internal network device $INIF is not ready. Aborting.." < exit 3 < fi < fi --- > #if [ "$MASK" = "" -a "$1" != "stop" ]; then > # echo "External network device $IF is not ready. Aborting.." > # exit 2 > #fi > > #if [ "$NAT" = "on" ]; then > # if [ "$INMASK" = "" -a "$1" != "stop" ]; then > # echo "Internal network device $INIF is not ready. Aborting.." > # exit 3 > # fi > #fi -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
This is a _security_ bug. The cause : it's a race condition between the kernel and firestarter.sh . ** Changed in: firestarter (Ubuntu) Status: Invalid => Confirmed -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
We are closing this bug report as it lacks the information, described in the previous comments, we need to investigate the problem further. However, please reopen it if you can give us the missing information and don't hesitate to submit bug reports in the future. ** Changed in: firestarter (Ubuntu) Assignee: Lionel Le Folgoc => (unassigned) Status: Needs Info => Rejected -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
Thanks for your bug report. Do you use network-manager to manage your wireless network? If yes, I think this is the same issue as Bug #42759. ** Changed in: firestarter (Ubuntu) Assignee: (unassigned) => Lionel Le Folgoc Status: Unconfirmed => Needs Info -- Firewall not persistent https://bugs.launchpad.net/bugs/59647 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
** Bug 59646 has been marked a duplicate of this bug -- Firewall not persistent https://launchpad.net/bugs/59647 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
This is confirmed by another user. See: http://www.ubuntuforums.org/showthread.php?t=254906&highlight=firestarter -- Firewall not persistent https://launchpad.net/bugs/59647 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 59647] Re: Firewall not persistent
** Visibility changed to: Public -- Firewall not persistent https://launchpad.net/bugs/59647 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
