Matt

Firestarter On Startup

Recommended Posts

Were getting close :-) The main problem we had was the lack for the "start" parameter. This should work. Instead of placing your firestarter.sh script in /etc/init.d, we should just replace it with a bash script the starts the script

Change to your home directory, then use a text editor to create this script, then save it as firestarter.sh

the script should contain the following

#!/bin/bash
/etc/firestarter/firestarter.sh start #don't use sudo

now you need to copy and make executable this newly made script to /etc/init.d. it should delete the script we put their earlier.

sudo cp firestarter.sh /etc/init.d
chmod +x /etc/init.d/firestarter.sh

Now we might be in business. reboot and see what happens.

Edited by shanenin

Share this post


Link to post
Share on other sites

Hi shane. I'm about to leave the house and will be out of town for a few days. I'll try this when I get back and let you know how it goes. Thanks so much for the help thus far! :)

Share this post


Link to post
Share on other sites

When I said your home directory, it was not very clear, yours would be /home/matt . It does not really matter what directory you do it from. I just wanted to make sure you were not in the directory /etc/firestarter. If you would would have created the file called firetstarter.sh there, it would have over written the one already there.

One other reason I had you do it that way. You have done some scripting so no the difference(I think) between absolute and relative paths. I gave you the command sudo cp firestarter.sh /etc/init.d, for this to work you both need to be in your directory, /home/matt, for the copy to work properly.

edit adder later//

in retrospect, I would have done this in a less confusing way , by using other names then firestarter.sh.

Edited by shanenin

Share this post


Link to post
Share on other sites

Also back to your original issue...next time you need to edit /etc/sudoers (and you will)

use the command sudo visudo...

IIRC you MUST use visudo to edit /etc/sudoers..

Some other distros allow you can change that but I don't think you can in Ubuntu.

Share this post


Link to post
Share on other sites

When you have some time. try the following. Maybe we can pinpoint where it is failing.

First could you post the output of the cat command. It will show the contents of the script

cat /etc/init.d/firestarter.sh

could you also post the output of ls -l, this will show the permissions of the script, in particular, if it is executable

ls -l /etc/init.d/firestarter.sh

Share this post


Link to post
Share on other sites

Here you go:

[email protected]:~$ sudo cat /etc/init.d/firestarter.sh
#!/bin/bash
/etc/firestarter/firestarter.sh start #don't use sudo

[email protected]:~$ ls -l /etc/init.d/firestarter.sh
-rwx--x--x 1 root root 67 2007-08-07 11:06 /etc/init.d/firestarter.sh

Small question: if I understand correctly, I was editing sudoers before because firestarter required a sudo pass to be started, and we were bypassing that. How are we attempting to bypass that now?

Share this post


Link to post
Share on other sites

All scripts which are run from the directory /etc/init.d are run by the system at bootup. These are run with full admin privileges. In that case sudo is not needed, it may have even break the script.

if you reboot and then run the following command

does it start your firewall?

sudo /etc/init.d/firestarter.sh

Share this post


Link to post
Share on other sites

It does (after asking for a password). Is it running as a daemon when it does this? No GUI appears, but the firewall seems to function.

Share this post


Link to post
Share on other sites
[email protected]:~$ ls -l /etc/rc2.d | grep fire
lrwxrwxrwx 1 root root 21 2007-07-31 20:39 S20firestarter -> ../init.d/firestarter
lrwxrwxrwx 1 root root 24 2007-08-02 09:27 S20firestarter.sh -> ../init.d/firestarter.sh

Share this post


Link to post
Share on other sites

Thats odd. I am not sure why you have two entries for firestarter.

lets try this. We are going to delete all the symlinks first.

sudo update-rc.d -f firestarter.sh remove
sudo update-rc.d -f firestarter remove

now we will rename the firestarter script from firestarter.sh to firestarter(I think the .sh might be causing a problem)

sudo mv /etc/init.d/firestarter.sh  /etc/init.d/firestarter

now lets create the needed symlinks so this starts at bootup(hopefully)

sudo update-rc.d firestarter defaults

you can try a reboot and see what happens.

Share this post


Link to post
Share on other sites

lets check and see if the script, "/etc/init.d/firestarter" is being started at bootup. currently the script has this content:

#!/bin/bash
/etc/firestarter/firestarter.sh start #don't use sudo

add one line. to make it look like this

#!/bin/bash
/etc/firestarter/firestarter.sh start #don't use sudo
touch /home/matt/itworked

the touch command will create a empty file called "itworked". If after rebooting, assuming the script is being run, it should create the file called "itworked" in your home directory. Let me know if that file is being created.

Share this post


Link to post
Share on other sites

are you sure the firewall is not running :wacko:

See my point. We know, if you run the script directly, it is starting the firewall. We also know the script in being run. Now I am just dumbfounded to why it is not working :angry:

Assuming the firewall is not running, one more time, try running it directly to see if it is being started

sudo /etc/init.d/firestarter

Share this post


Link to post
Share on other sites

[email protected]:~$ sudo /etc/init.d/firestarter
Password:
Firewall started

I don't believe that it does run automatically. The reason for this is when I bot and go to hackerwatch.org and do a port scan, most of my ports return "Closed but visible". When I manually start the firewall, the scan returns all ports as "secure".

Yes I do see your point. The script is obviously being executed, or that file would not have been created. The file even states that it was created by root, so we know that root privs are being used.

Just to double check, here's my /etc/init.d/firestarter

#!/bin/bash
/etc/firestarter/firestarter.sh start #don't use sudo

Share this post


Link to post
Share on other sites

Hold up shanenin. I just rebooted again and went back to hackerwatch.org. This time, it is showing my ports as secure, and I did not manually start the firewall.

It appears to be working!

Is there a way I can see what processes/services/daemons (or whatever we call them in linux) are actively running to make sure the firewall is active?

Share this post


Link to post
Share on other sites

ps -ef

as root

or just see of firestarter is running

ps -ef | grep firestarter

top will also show you processes, but if firestarter is not in the top 10 - 15 you may not see it.

Share this post


Link to post
Share on other sites

This is very strange.... I just ran hackerwatch.org and shields up scan after a new boot. This time, it is again telling me that my ports are closed, but insecure as opposed to when I start manually and scan. I don't get it at all.

I did notice that if I manually run Firestarter, and then 'Exit' it, my port scan comes up as secure--so I know that it can run in the background.

Maybe I haven't configured Firestarter correctly.

Here's this, if that's of any help (before manually starting it):

[email protected]:~$ ps -ef | grep firestarter
matt 5768 5746 0 19:33 pts/0 00:00:00 grep firestarter

Edit: I just rebooted yet again, went to shields up, and it is reporting that my ports are secure. It seems as though it is inconsistent on whether or not it actually loads on bootup.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...