Package: firestarter
Version: 1.0.3-1.3
Severity: grave
Firestarter service does not start on boot if Network Manager is used.
Firestarter init-script is in place:
# ls -l /etc/init.d/firestarter
-rwxr-xr-x 1 root root 1472 2006-06-18 13:21 /etc/init.d/firestarter
# ls -l /etc/rc2.d/*firestarter
lrwxrwxrwx 1 root root 21 2006-08-25 05:31 /etc/rc2.d/S20firestarter -
.../init.d/firestarter
but Firestarter is not started. If I uninstall Network-manager, then
Firestarter starts on boot. If I start Firestarter manually
after boot, it works just fine even if Network Manager is installed.
This makes me think that for some reason NetworkManager isn't bringing
up eth0 device before Firestarter tries to begin. This means that
Firestarter does not start because it does not detect the network.
I think this is a severe problem. User could think he is protected by
firestarter, when he is not.
There is one solution. Save following script as file
/etc/NetworkManager/dispatcher.d/50firestarter
http://www.debian-administration.org/users/emeitner/weblog/2
Make the file executable. Here is the same script:
snip 8
#!/bin/sh
source /etc/firestarter/configuration 21
# Check to see if the interface that changed is the one currently
# protected by firestarter. If not, quit.
[ $1 != $IF ] exit
# Check the current status of Firestarter
[ -e /var/lock/subsys/firestarter -o -e /var/lock/firestarter ]
fs_status=$?
case $2 in
up)
[ $fs_status -gt 0 ] /etc/init.d/firestarter start
;;
down)
## Uncomment the following line to allow this script to
## turn off the firewall when the interface goes down.
#[ $fs_status -eq 0 ] /etc/init.d/firestarter stop
;;
esac
snip 8
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages firestarter depends on:
ii gconf2 2.16.1-1 GNOME configuration database syste
ii gksu2.0.0-1 graphical frontend to su
ii iptables1.3.6.0debian1-5 administration tools for packet fi
ii libart-2.0-22.3.17-1 Library of functions for 2D graphi
ii libatk1.0-0 1.12.4-3 The ATK accessibility toolkit
ii libaudiofile0 0.2.6-6 Open-source version of SGI's audio
ii libavahi-client30.6.16-3etch1Avahi client library
ii libavahi-common30.6.16-3etch1Avahi common library
ii libavahi-glib1 0.6.16-3etch1Avahi glib integration library
ii libbonobo2-02.14.0-3 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.14.0-5 The Bonobo UI library
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libcairo2 1.2.4-4 The Cairo 2D vector graphics libra
ii libdbus-1-3 1.0.2-1 simple interprocess messaging syst
ii libesd0 0.2.36-3 Enlightened Sound Daemon - Shared
ii libfontconfig1 2.4.2-1.2generic font configuration library
ii libfreetype62.2.1-5 FreeType 2 font engine, shared lib
ii libgconf2-4 2.16.1-1 GNOME configuration database syste
ii libgcrypt11 1.2.3-2 LGPL Crypto library - runtime libr
ii libglade2-0 1:2.6.0-4library to load .glade files at ru
ii libglib2.0-02.12.4-2 The GLib library of C routines
ii libgnome-keyring0 0.6.0-3 GNOME keyring services library
ii libgnome2-0 2.16.0-2 The GNOME 2 library - runtime file
ii libgnomecanvas2-0 2.14.0-2 A powerful object-oriented display
ii libgnomeui-02.14.1-2 The GNOME 2 libraries (User Interf
ii libgnomevfs2-0 1:2.14.2-7 GNOME virtual file-system (runtime
ii libgnutls13 1.4.4-3 the GNU TLS library - runtime libr
ii libgpg-error0 1.4-1library for common error values an
ii libgtk2.0-0 2.8.20-7 The GTK+ graphical user interface
ii libice6 1:1.0.1-2X11 Inter-Client Exchange library
ii libjpeg62 6b-13The Independent JPEG Group's JPEG
ii liborbit2 1:2.14.3-0.1 libraries for ORBit2 - a CORBA ORB
ii libpango1.0-0 1.14.8-5 Layout and rendering of internatio
ii libpng12-0 1.2.15~beta5-1 PNG library - runtime
ii libpopt01.10-3 lib for parsing cmdline parameters
ii libsm6 1:1.0.1-3X11 Session Management library
ii libtasn1-3 0.3.6-2 Manage ASN.1 structures (runtime)
ii libx11-6
