In [[Basic Ubuntu Linux Firewall Configuration]] we looked at how the ''lokkit'' tools provide a very basic and high-level mechanism for configuring the underlying ''iptables'' firewall rules on Ubuntu Linux. In this chapter we will look at a more advanced and flexible firewall configuration tool called ''Firestarter''. As we will see, Firestarter provides a greater level of control over both inbound and outbound network traffic and connections.
== Installing Firestarter on Ubuntu Linux ==
This page controls whether Internet Connection Sharing is to be used. Firestarter allows you to configure a single Linux system as the gateway to the internet. All other computers on your network then access the internet through the gateway system. The computers that access the internet through the gateway system will appear, to the outside world, to have the same IP address as the gateway system. This is essentially a mechanism for sharing a single internet connection amongst a network of multiple computers whilst masking the identity (i.e. the IP address) of those computers. Note that this configuration requires that you have two network cards installed in the system - one for the internet connection and another for the local area network.
Check ''Enable Internet Connection Sharing'' if you wish to use this feature. If you would like the system running Firestarter to also allocate IP addresses to the client machines, check the ''Enable DHCP for local network'' box as well.
Outbound Policy controls the types of outbound connections that may be established through the firewall. For example, access for users to particular hosts, web sites or services may be blocked.
Firestarter provides two modes for defining outbound policy. ''Permissive by default'' allows all outbound connections except those specified as being blacklisted by the policy. ''Restrictive by default'' blocks all outbound connections except those specified as being permissible by the policy.
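The two outbound modes described above can be pictured as ''iptables'' rules. The following is an added example, not taken from this page or from Firestarter itself: the function name <code>outbound_rules</code>, the chain layout and the sample addresses are assumptions, and the script only prints the rules so that they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for the two outbound
# policy modes. Chain layout and addresses are assumptions, not Firestarter output.

# outbound_rules MODE HOST...
#   permissive : HOSTs form a blacklist, everything else is allowed
#   restrictive: HOSTs form a whitelist, everything else is dropped
outbound_rules() {
    mode=$1
    shift
    case $mode in
        permissive)  host_target=DROP;   default_policy=ACCEPT ;;
        restrictive) host_target=ACCEPT; default_policy=DROP ;;
        *) echo "unknown mode: $mode" >&2; return 1 ;;
    esac

    # Validate every host before emitting anything. Only IPv4 addresses or
    # CIDR blocks are accepted: iptables resolves a hostname once, when the
    # rule is added, so a name-based rule silently goes stale.
    for host in "$@"; do
        case $host in
            ''|*[!0-9./]*) echo "not an IPv4 address or CIDR: $host" >&2; return 1 ;;
        esac
    done

    # OUTPUT covers traffic from the firewall host itself; FORWARD covers
    # clients routed through it (the connection-sharing case).
    echo "iptables -P OUTPUT $default_policy"
    echo "iptables -P FORWARD $default_policy"

    if [ "$mode" = restrictive ]; then
        # A default-DROP policy would otherwise break loopback traffic and
        # the remaining packets of connections that were already permitted.
        echo "iptables -A OUTPUT -o lo -j ACCEPT"
        echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
        echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    fi

    for host in "$@"; do
        echo "iptables -A OUTPUT -d $host -j $host_target"
        echo "iptables -A FORWARD -d $host -j $host_target"
    done
}

# Constructed sample input (documentation address ranges).
outbound_rules permissive 203.0.113.10
outbound_rules restrictive 198.51.100.7 192.0.2.0/24
```

In restrictive mode the whitelist is the only way out, so a forgotten entry (a DNS resolver, for instance) shows up as a total loss of connectivity rather than a partial one.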
Connections to a specific host may be prevented by selecting ''Permissive by default'', clicking in the ''Deny connections to host'' area of the screen and pressing the ''Add Rule'' toolbar button. The ''Add new outbound rule'' dialog will appear as follows: