need help running Firestarter

hi
I compiled and installed Firestarter 1.0.3 but when i run it i get this error:

A proper configuration for Firestarter was not found. If you are running Firestarter from the directory you built it in, run ‘make install-data-local’ to install a configuration, or simply ‘make install’ to install the whole program.
Firestarter will now close.

what should i do?

rd1381 wrote:
> hi
> I compiled and installed Firestarter 1.0.3 but when i run it i get this
> error:
>
> A proper configuration for Firestarter was not found. If you are
> running Firestarter from the directory you built it in, run ‘make
> install-data-local’ to install a configuration, or simply ‘make install’
> to install the whole program.
> Firestarter will now close.
>
> what should i do?

seems the program is not finding its configuration files…you say you
compiled and installed it…but i wonder HOW you installed it…

did you, for example, read the instructions in the source package’s
README file(s) and run (probably) ‘configure’ then ‘make’, and THEN
‘make install-data-local’…

if you do that you can execute the program from your home
directory…HOWEVER, it is common practice in Linux to install to the
SYSTEM by switching to ROOT and then running ‘make install’ (i’d bet
that the README tells you to do it that way)…

doing it that way is best, and then a simple ‘firestarter’ (or
whatever the name of the executable is) at a command line will launch
the program and it WILL find its config files over in /etc with all
the other system config files…

OH LOOK, the error message TELLS you exactly what to do: if you want
to install to and run from home: “run ‘make install-data-local’ to
install a configuration”

or, if you wanna install and run from the system, become root and
“simply ‘make install’ to install the whole program.”

amazing huh, your answer was right there in your question.

but, i wonder why you choose to compile/install Firestarter and not
just use the default installed openSUSE firewall…what is better
about Firestarter? (and, you do know you will have to deactivate the
firewall you already have running by default, right?)


secondary

Maybe it gives you this Windows-type “hey, I did something good for you” feeling.

The average Windows user needs to be annoyed by his “securitry software” otherwise he does not believe it’s working and will not buy the “Sup0r Pr3mium XXpert Edition” (so called “snake oil salesmen effect”).

However, first of all this is not annoying enough and secondly, under *NIX-type OSes, why not use a console based solution?

#!/bin/bash

# Path: main.gmane.org!not-for-mail
# Message-ID: <20050114095319.GA6717<ät>one.cb.de>
# From: Uwe Kerstan <uwe.kerstan<ät>gmx.de>
# Newsgroups: gmane.linux.debian.user.german
# Subject: Re: Firewall im Userspace ?
# Date: Fri, 14 Jan 2005 10:53:19 +0100


echo -n Starting firewall.
while true; do
  sleep 1
  echo -n .
  if  $(($RANDOM%13)) -eq 2 ]; then
     break;
  fi
  done
  echo
  echo Your system is now secure\!
while true; do
  sleep $(($RANDOM%53))
  echo "Blocked attack from host $(($RANDOM%256)).$(($RANDOM%256)).$(($RANDOM%256)).$(($RANDOM%255+1)) on port $(($RANDOM%65535+1))!!!!!!"
done
exit 0

Voilà … Zone Alarm for linux[1]…


ZAlinux.sh
Starting firewall.................
Your system is now secure!
Blocked attack from host 110.110.189.48 on port 5973!!!!!!
Blocked attack from host 233.182.110.161 on port 27020!!!!!!
Blocked attack from host 179.60.139.211 on port 4844!!!!!!

No doubt, I feel much safer now rotfl!

[1] Original can be found here: Re: Firewall im Userspace ?

oh NO!
i must have a root kit installed because your Zone Alarm for linux
stalled after blocking only four attacks!

NO, it is still doing its job…i guess the attacks slowed down…

THANK YOU, i feel so much safer now…

tell, me could that be built into a KDE4 desktop thingy…maybe a
screen saver too? :wink:


tertiary

Maybe you have this “Keylogger” installed

sorry but can somebody answer my question and not joke?

about first reply(most promising one) :
yes i did install it as root and i tries make install-local…
i am not that dumb, ok?
so anybody eles?

Between the lines you’re being asked do you have a reason for Firestarter as Susefirewall is a very capable firewall.

There is a multitude of ways of seeing what is connected, netstat etc… tweak the firewall Suse firewall is highly configurable in the conf file. It really is only a wrapper to iptables.

Your Highly unlikely to need to block outgoing, but it is more than feasible to create such a firewall, but you will need to know what ports to allow out.

Doing things from source get complicated unless well managed, I would look into checkinstall, this will make a local system rpm. I also believe of dubious quality, but for local install it will be fine. But tbh I’d look for a rpm, also I suspect you’ll have to disable the firewall so that firestarter can take over it.

I would trust Susefirewall unless you really have specifc reasons to change, you have the ability to add rules and logging.

I’d find your self a good tut on iprules, now been a while since I tried/did this. Here is a crude sketch out of how to add additional rules to Susefirewall. Tbh the defaults in Susefirewall2 should be good for most Desktop instances.

How To Add Additional Ip Rules To Suse Firewall - openSUSE Forums

never mind i found my answer
i should run it whith this command :
dbus-launch firestarter &

why nobody answered my question?
my all you did was to say suse firewall is better?
i know suse firewall is not bad but its not user friendly or simple
sorry if our opinion dont match

OK well I for one didn’t know the answer I would rather have a good default Firewall that can be configured than, a firewall that has no default but a good gui.

You won’t find many people removing Susefirewall, and the few that do will probably use iptables as it was meant to be used.

Unlike firestarter you had a good base set of rules, so though the GUI may be better the lack of iptable knowledge can leave it secured less.

I doubt you’ll find too many people around here suggesting you replace the firewall.

All these GUI’s are front end to Iptables and none of them will ever make it easy or straight forward(Iptables simply isn’t), why I trust Suse to do a good job.

> never mind i found my answer
> i should run it whith this command :
> dbus-launch firestarter &

WHERE did you find that answer?

> why nobody answered my question?

maybe no one here ever tried to install and set up Firestarter, ever
think of that?

did you expect one of us to download it, and try to set it up in order
to answer your question?

> my all you did was to say suse firewall is better?
> i know suse firewall is not bad but its not user friendly or simple
> sorry if our opinion dont match

of course it is ok to run whatever you want…i didn’t try to change
your mind, just WONDERED why you were going to all the trouble of
compiling, installing and TRYING to get it running when your SUSE was
born with a working, simple (you don’t have to do ANYTHING…it is
just there) firewall…

OH! i googled “firestarter dbus” and find that it is a BUG WORKAROUND…
cite:
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg621816.html

that is what i want: a user friendly, simple firewall that i have to
compile from buggy code!!


tertiary

Don’t mean to be rude but seeming as it popped up in another thread…

The Real Elvis, primary, secondary, tertiary

It gets a bit difficult even for the few us that can associate the users names with one.

Unlike you lot we don’t get headers and can’t easily see that the moniker seems to be the same person I wonder how many others are inflating original user post counts. Could you be so kind as to settle on one.

> I wonder how many others are inflating original user post counts.

you kidding? nntp posters who do not use the same ID as one registered
on the web side do get any credit for initiating original user posts
or any post…

> Could you be so kind as to settle on one.

no thank you.


The Real Elvis

let me ask you something :
1-i installed personal brain
2-everytime i run it it checks for update
3-in windows commodo firewall nicely shows a popup saying that this program is trying to connect to internet and i can simply block it for ever (very customizable too: port, inbound , outbound, etc…)
4-now in opensuse i have to run some command line program to find the connecting program or create a log to see what pid connected to a certain port and find out which one is site for personal brain update then goto suse firewall and block connection to that ip
5-now every program which wants to connect to that ip is restricted :frowning:
6-ip of that site can change
7-as a matter of fact any malicious program that want to “call home” surely doesnt rely on ips
8-so far :windows 1-0 suse

9- dont flame me plz as a windolws lover :i hate it . but plz dont go about not needing a program when there is need

Mmmm the port isn’t open its, not installed unless you specifically installed it, so it won’t JUST ring home.

That is why there is no need, hell I could give you several iptable rules we could lock up every port possible, but then when this or that tries you’ll be back asking how.

Nmap run once a week will do more, than being enlightened every day with nmap you’d actually be able to see services available, then you wouldn’t have to wait for it to happen but could actually explicitly tell it not or to do so.

OK whilst I accept there is some circumstances where it may be needed to filter outgoing, these rarely come into a desktop configuration. If you don’t know what you’re installing then why install it. Unless you are stupid or don’t know that an app will ring out, then it won’t. These apps don’t magically appear that ring out, if you use messengers expect port…, irc expect port …, ssh …

Unlike windows there isn’t anything unsavoury ringing out you install it.

But if it pleases you so be it, but it is not needed, it is nothing more than a placebo by having a good understanding of iptables and services you wish to use you could lock it so tight nothing would ring out, that you hadn’t told could.

Because you feel a need to see outgoing doesn’t make it a requirement, I can do a ps aux and got more info and tell you what apps are using the network, because I installed them.

> 9- dont flame me plz as a windolws lover :i hate it . but plz dont go
> about not needing a program when there is need

fair enough…happy you found the answer to your needs, and sorry no
one here had any experience with Firestarter…and therefore could
only guess what the problem was, and how to solve it…

and, we also couldn’t GUESS why you needed Firestarter.


The Real Elvis

And you really believe that this works reliably?

You have no idea my friend, “personal firewalls” claim to be able to filter reliably on the application based rules, which they can not, you just believe they do. If a “bad” program uses one of the “good” programs (like your standard browser) to transfer data outbound (which takes about 25 lines of code, google for “www-shell”), your firewall will tell you anything is fine or it won’t even recognize it.

Additionally by increasing the code base of your system they potentially make your system more insecure, it’s that simple.

Use google&co. and start searching for articles/papers why personal firewalls are insecure und unreliable and don’t believe that bull**** which vendors of such firewall programs tell you.

There is a simple reason why on linux there are no real “Personal Firewalls” available and the reason is that the whole concept is crap and does not work reliably (or to say it in funny terms “the only thing they do reliably is not working”).

the same could be said about suse

p.s.:
it has become a soapbox topic so let it be.when arguing nobody can really convince the other person
i just asked a question and i really appreciate your concern about my beliefs and thanks again for your reply s