[已解决][问题]Firestarter 防火墙不能启动,两种方法试了都不行

上网、浏览、聊天、下载等
回复
aaawhale
帖子: 63
注册时间: 2007-09-24 16:51
送出感谢: 0
接收感谢: 0

[已解决][问题]Firestarter 防火墙不能启动,两种方法试了都不行

#1

帖子 aaawhale » 2008-05-22 10:53

Firestarter 防火墙不能启动

方法一
sudo vi /etc/firestarter/firestarter.sh
把以下内容:
IP=`/sbin/ifconfig $IF | grep inet | cut -d : -f 2 | cut -d \ -f 1`
MASK=`/sbin/ifconfig $IF | grep Mas | cut -d : -f 4`
BCAST=`/sbin/ifconfig $IF |grep Bcast: | cut -d : -f 3 | cut -d \ -f 1`
改为:
IP=`/sbin/ifconfig $IF | grep inet | cut -d : -f 2 | cut -d \ -f 1`
MASK=`/sbin/ifconfig $IF | grep 掩码: | cut -d : -f 4`
BCAST=`/sbin/ifconfig $IF |grep 广播: | cut -d : -f 3 | cut -d \ -f 1`

方法二
另外用sudo vi /etc/firestarter/firestarter.sh
添加一行:
LANG=en_US
附件
Screenshot.png
上次由 aaawhale 在 2008-05-23 22:28,总共编辑 1 次。
sirxenofex
帖子: 204
注册时间: 2008-01-07 16:39
送出感谢: 0
接收感谢: 0

#2

帖子 sirxenofex » 2008-05-22 11:04

你自己开一个终端,然后

代码: 全选

ifconfig
看看输出包含不包含中文。一般情况下因为系统语言为中文,ifconfig输出也是中文。firestarter启动脚本要用到ifconfig的输出,但它默认认的是英文。

你先看看先

代码: 全选

LANG=en_US
看看ifconfig是不是变成了英文。如果没有,就改为

代码: 全选

export $LANG=en_US
应该就可以了。如果成功了,那就在启动脚本里添上这一行。
aaawhale
帖子: 63
注册时间: 2007-09-24 16:51
送出感谢: 0
接收感谢: 0

还是不行啊,问题在哪里

#3

帖子 aaawhale » 2008-05-22 21:43

mtmt111@mtmt111-desktop:~$ ifconfig
eth0 Link encap:以太网 硬件地址 00:1d:7d:94:4c:41
inet6 地址: fe80::21d:7dff:fe94:4c41/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 跃点数:1
接收数据包:197642 错误:0 丢弃:0 过载:0 帧数:0
发送数据包:205446 错误:0 丢弃:0 过载:0 载波:0
碰撞:0 发送队列长度:1000
接收字节:88698752 (84.5 MB) 发送字节:45268920 (43.1 MB)
中断:221 基本地址:0x2000

lo Link encap:本地环回
inet 地址:127.0.0.1 掩码:255.0.0.0
inet6 地址: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 跃点数:1
接收数据包:13912 错误:0 丢弃:0 过载:0 帧数:0
发送数据包:13912 错误:0 丢弃:0 过载:0 载波:0
碰撞:0 发送队列长度:0
接收字节:27592225 (26.3 MB) 发送字节:27592225 (26.3 MB)

ppp0 Link encap:点对点协议
inet 地址:220.188.76.140 点对点:220.188.72.1 掩码:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 跃点数:1
接收数据包:197530 错误:0 丢弃:0 过载:0 帧数:0
发送数据包:205326 错误:0 丢弃:0 过载:0 载波:0
碰撞:0 发送队列长度:3
接收字节:84346312 (80.4 MB) 发送字节:39922578 (38.0 MB)

mtmt111@mtmt111-desktop:~$ LANG=en_US
mtmt111@mtmt111-desktop:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:1d:7d:94:4c:41
inet6 addr: fe80::21d:7dff:fe94:4c41/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:197705 errors:0 dropped:0 overruns:0 frame:0
TX packets:205532 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:88715379 (84.6 MB) TX bytes:45277983 (43.1 MB)
Interrupt:221 Base address:0x2000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:13916 errors:0 dropped:0 overruns:0 frame:0
TX packets:13916 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:27594269 (26.3 MB) TX bytes:27594269 (26.3 MB)

ppp0 Link encap:Point-to-Point Protocol
inet addr:220.188.76.140 P-t-P:220.188.72.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:197592 errors:0 dropped:0 overruns:0 frame:0
TX packets:205411 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:84361515 (80.4 MB) TX bytes:39929367 (38.0 MB)

mtmt111@mtmt111-desktop:~$



我是这样改的mtmt111@mtmt111-desktop:~$ sudo gedit /etc/firestarter/firestarter.sh
mtmt111@mtmt111-desktop:~$



#!/bin/bash
#-----------( Firestarter Control Script )-----------#


# Load Configuration
source /etc/firestarter/configuration 2>&1

# --(Set program paths)--

IPT=/sbin/iptables
IFC=/sbin/ifconfig
MPB=/sbin/modprobe
LSM=/sbin/lsmod
RMM=/sbin/rmmod


# --(Extract Network Information)--
LANG=en_US
# External network interface data

IP=`/sbin/ifconfig $IF | grep inet | cut -d : -f 2 | cut -d \ -f 1`
MASK=`/sbin/ifconfig $IF | grep Mas | cut -d : -f 4`
BCAST=`/sbin/ifconfig $IF |grep Bcast: | cut -d : -f 3 | cut -d \ -f 1`
NET=$IP/$MASK

if [ "$NAT" = "on" ]; then
# Internal network interface data
INIP=`/sbin/ifconfig $INIF | grep inet | cut -d : -f 2 | cut -d \ -f 1`
INMASK=`/sbin/ifconfig $INIF | grep Mas | cut -d : -f 4`
INBCAST=`/sbin/ifconfig $INIF |grep Bcast: | cut -d : -f 3 | cut -d \ -f 1`
INNET=$INIP/$INMASK
fi

if [ "$MASK" = "" -a "$1" != "stop" ]; then
echo "External network device $IF is not ready. Aborting.."
exit 2
fi

if [ "$NAT" = "on" ]; then
if [ "$INMASK" = "" -a "$1" != "stop" ]; then
echo "Internal network device $INIF is not ready. Aborting.."
exit 3
fi
fi


# --(Helper Functions)--

# Scrub data parameters before use
scrub_parameters () {
target=`echo $target | sed 's/ //'g`
port=`echo $port | sed 's/ //'g | sed "s/-/:/"`
ext_port=`echo $ext_port | sed 's/ //'g | sed "s/-/:/"`
int_port_dashed=`echo $int_port | sed 's/ //'g | sed "s/:/-/"`
int_port=`echo $int_port | sed 's/ //'g | sed "s/-/:/"`
if [ "$target" == "everyone" ]; then target=0/0
else if [ "$target" == "firewall" ]; then target=$IP
else if [ "$target" == "lan" ]; then target=$INNET
fi fi fi
}


# --(Control Functions)--

# Create Firestarter lock file
lock_firestarter () {
if [ -e /var/lock/subsys ]; then
touch /var/lock/subsys/firestarter
else
touch /var/lock/firestarter
fi
}

# Remove Firestarter lock file
unlock_firestarter () {
if [ -e /var/lock/subsys ]; then

rm -f /var/lock/subsys/firestarter
else
rm -f /var/lock/firestarter
fi
}

# Start system DHCP server
start_dhcp_server () {
if [ "$DHCP_DYNAMIC_DNS" = "on" ]; then
NAMESERVER=
# Load the DNS information into the dhcp configuration
while read keyword value garbage
do
if [ "$keyword" = "nameserver" ]; then
if [ "$NAMESERVER" = "" ]; then
NAMESERVER="$value"
else
NAMESERVER="$NAMESERVER, $value"
fi
fi
done < /etc/resolv.conf

if [ "$NAMESERVER" != "" ]; then
if [ -f /etc/dhcpd.conf ]; then
sed "s/domain-name-servers.*$/domain-name-servers $NAMESERVER;/" /etc/dhcpd.conf > /etc/dhcpd.conf.tmp
mv /etc/dhcpd.conf.tmp /etc/dhcpd.conf
fi
if [ -f /etc/dhcp3/dhcpd.conf ]; then
sed "s/domain-name-servers.*$/domain-name-servers $NAMESERVER;/" /etc/dhcp3/dhcpd.conf > /etc/dhcp3/dhcpd.conf.tmp
mv /etc/dhcp3/dhcpd.conf.tmp /etc/dhcp3/dhcpd.conf
fi
else
echo -e "Warning: Could not determine new DNS settings for DHCP\nKeeping old configuration"
fi
fi

if [ -e /etc/init.d/dhcp3-server ]; then
/etc/init.d/dhcp3-server restart > /dev/null
elif [ -e /etc/init.d/dhcpd ]; then
/etc/init.d/dhcpd restart > /dev/null
elif [ -e /etc/init.d/dnsmasq ]; then
/etc/init.d/dnsmasq restart > /dev/null
else
/usr/sbin/dhcpd 2> /dev/null
fi

if [ $? -ne 0 ]; then
echo Failed to start DHCP server
exit 200
fi
}

# Start the firewall, enforcing traffic policy
start_firewall () {
lock_firestarter
source /etc/firestarter/firewall 2>&1
retval=$?
if [ $retval -eq 0 ]; then
echo "Firewall started"
else
echo "Firewall not started"
unlock_firestarter
exit $retval
fi
}

# Stop the firewall, traffic flows freely
stop_firewall () {
$IPT -F
$IPT -X
$IPT -Z
$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -t mangle -F 2>/dev/null
$IPT -t mangle -X 2>/dev/null
$IPT -t mangle -Z 2>/dev/null
$IPT -t nat -F 2>/dev/null
$IPT -t nat -X 2>/dev/null
$IPT -t nat -Z 2>/dev/null
retval=$?
if [ $retval -eq 0 ]; then
unlock_firestarter
echo "Firewall stopped"
fi
exit $retval
}

# Lock the firewall, blocking all traffic
lock_firewall () {
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT DROP
$IPT -F;
$IPT -X
$IPT -Z
retval=$?
if [ $? -eq 0 ]; then
echo "Firewall locked"
fi
exit $retval
}

# Report the status of the firewall
status () {
if [ -e /var/lock/subsys/firestarter -o -e /var/lock/firestarter ]; then
echo "Firestarter is running..."
else
echo "Firestarter is stopped"
fi
}

case "$1" in
start)
start_firewall
if [ "$NAT" = "on" -a "$DHCP_SERVER" = "on" ]; then
start_dhcp_server
fi
;;
stop)
stop_firewall
;;
lock)
lock_firewall
;;
status)
status
;;
reload-inbound-policy)
source /etc/firestarter/inbound/setup 2>&1
;;
reload-outbound-policy)
source /etc/firestarter/outbound/setup 2>&1
;;
*)
echo "usage: $0 {start|stop|lock|status}"
exit 1
esac
exit 0
头像
lxvison
帖子: 117
注册时间: 2008-03-27 19:04
送出感谢: 0
接收感谢: 0
联系:

#4

帖子 lxvison » 2008-05-23 1:45

你确定联网了吗?
头像
yinliang108
帖子: 964
注册时间: 2005-10-01 21:38
来自: 湖南邵东流光岭
送出感谢: 0
接收感谢: 0
联系:

是ifconifg中文的问题

#5

帖子 yinliang108 » 2008-05-23 12:32

是ifconifg中文的问题,论坛有很多相关的帖子,好好搜索一下,我就是这么解决的。
小江恩的博客
http://gann.blog.ifeng.com/
aaawhale
帖子: 63
注册时间: 2007-09-24 16:51
送出感谢: 0
接收感谢: 0

#6

帖子 aaawhale » 2008-05-23 21:59

我当然联网了,还是不行啊
aaawhale
帖子: 63
注册时间: 2007-09-24 16:51
送出感谢: 0
接收感谢: 0

解决方法是

#7

帖子 aaawhale » 2008-05-23 22:32

LANG=en_US ,并在首选项里选检测到的设备,PPP0
两个都是PPP0
zzd@ubuntu
帖子: 40
注册时间: 2008-05-12 14:03
送出感谢: 0
接收感谢: 0

#8

帖子 zzd@ubuntu » 2008-05-24 13:21

我收藏先。。。呵呵,好样的
头像
RegentW
帖子: 1486
注册时间: 2007-02-27 21:47
来自: NN
送出感谢: 2 次
接收感谢: 0

#9

帖子 RegentW » 2008-05-24 13:24

试下用ufw吧,个人认为比firestarter方便直观
Core i5, 512G + SSD 20G, DDRIII 8G
回复

回到 “因特网相关软件”