maemo.org - Talk
Page 3 of 10 12 3 45 Last »
Show 40 post(s) from this thread on one page

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Applications (https://talk.maemo.org/forumdisplay.php?f=41)
-   -   [Announce] genwall a simple iptables firewall (https://talk.maemo.org/showthread.php?t=85444)

Halftux 2012-07-15 13:20
Re: [Announce] genwall a simple iptables firewall
 
If somebody want to have a look into a log file before the next release, I will give a small howto.

Install sysklogd and edit config file:

Code:
sudo gainroot
apt-get install sysklogd
vi /etc/syslog.conf
comment out (to prevent fill up the root):

Code:
#*.*;auth,authpriv.none                -/var/log/syslog
add:

Code:
kern.warning                        /home/user/.genwall/iptables.log

Halftux 2012-09-02 19:28
Re: [Announce] genwall a simple iptables firewall
 
New version out now! Major update.

Changelog v1.0.0
- Layout changes
- removed button bugs
- removed syslog related pid bug
- removed listwidget add bug no double item
- added syslog handler
- added log view
- added filter options for log view
- added extra rule creator for log view
- added icmp handling
- added filter view
- added nat view
- added output handling
- added root password Authentication
- added add/remove gateway
- added dns resolv
- added runtime add rule for log view and lo ports
- added runtime remove rule for filter view
- added save & load function for widget option


I think I need to write a manual. Screenshots and description will be updated soon.
Genwall will take part in the coding competition 2012 and will be uploaded to extras next days.

Halftux 2012-09-08 21:01
Re: [Announce] genwall a simple iptables firewall
 
The package is uploaded to extras-devel. Added more screenshots.

To use the icon from application browser you need to have sudser installed.

sifo 2012-09-08 21:09
Re: [Announce] genwall a simple iptables firewall
 
Isnt it better to add a a "genwall.sudoers" in "/etc/sudoers.d/" ?
here is an example for the bnf.sudoers file
Code:
user ALL = NOPASSWD: /usr/sbin/bnf.sh
and then you can remove the sudo from the desktop file ;)
i really dont know the different but this is what all devs doing :D
Great job dude

./sifo

Halftux 2012-09-08 21:46
Re: [Announce] genwall a simple iptables firewall
 
Quote:
Originally Posted by sifo (Post 1263346)
Isnt it better to add a a "genwall.sudoers" in "/etc/sudoers.d/" ?
here is an example for the bnf.sudoers file
Code:
user ALL = NOPASSWD: /usr/sbin/bnf.sh
and then you can remove the sudo from the desktop file ;)
i really dont know the different but this is what all devs doing :D
Great job dude

./sifo
Thank you for the hint I didn't know that. I will dig into it.

peterleinchen 2012-09-09 20:27
Re: [Announce] genwall a simple iptables firewall
 
Quote:
Originally Posted by sifo (Post 1263346)
Isnt it better to add a a "genwall.sudoers" in "/etc/sudoers.d/" ?
Yes.

Quote:
Originally Posted by sifo (Post 1263346)
and then you can remove the sudo from the desktop file ;)
i really dont know the different but this is what all devs doing
No.

Quote:
Originally Posted by Halftux (Post 1263344)
To use the icon from application browser you need to have sudser installed.
Nope, if you follow sifo's first hint. Put a genwall.sudoers file into /etc/sudoers.d with content
Code:
user ALL = NOPASSWD: /usr/sbin/genwall
or
Code:
user ALL = NOPASSWD: /opt/genwall/bin/genwall
or whereever your binary/link lives.
And then call update 'update-sudoers' in postinstall script.
This will allow the user to execute genwall with sudo rights without entering a password. You still need to call it with sudo from desktop file as well as from command line.
Sudser just adds a * to sudoers (not my security-preferred thing, but easy for lazy) ...

sifo 2012-09-09 20:33
Re: [Announce] genwall a simple iptables firewall
 
@peterleinchen

sorry, i missed that :D
Thanks

./sifo

Halftux 2012-09-09 20:49
Re: [Announce] genwall a simple iptables firewall
 
Quote:
Originally Posted by peterleinchen (Post 1263881)
Nope, if you follow sifo's first hint. Put a genwall.sudoers file into /etc/sudoers.d
And then call update 'update-sudoers' in postinstall script.
This will allow the user to execute genwall with sudo rights without entering a password. You still need to call it with sudo from desktop file as well as from command line.
Sudser just adds a * to sudoers (not my security-preferred thing, but easy for lazy) ...
Thank you to put some light in this matter. What you think about the file location? Move the binary to opt or make a symlink?

peterleinchen 2012-09-09 20:55
Re: [Announce] genwall a simple iptables firewall
 
I did not take a look into your sources/binaries, but in general put all stuff to opt and just put a symlnk to /usr/sbin/genwall (so there is no 'or' in your question ;)).

Halftux 2012-12-21 02:00
Re: [Announce] genwall a simple iptables firewall
 
Released a experimental version for N9(50). See deb in first post.

- load iptable modules and run genwall as root or developer

If somebody knows how to tweak the logging for syslog in PR1.2 let me know.
At the moment I try to figure out what is possible with N950; the stock kernel modules are poor.


All times are GMT. The time now is 01:49.
Page 3 of 10 12 3 45 Last »
Show 40 post(s) from this thread on one page

vBulletin® Version 3.8.8