Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 182373 - net-firewall/guarddog - proposed init script
Summary: net-firewall/guarddog - proposed init script
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High enhancement (vote)
Assignee: Gentoo TreeCleaner Project
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-06-17 18:37 UTC by Joaquim G Santos
Modified: 2009-04-30 21:13 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
proposed guarddog init script (guarddog,246 bytes, text/plain)
2007-06-17 18:38 UTC, Joaquim G Santos
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Joaquim G Santos 2007-06-17 18:37:34 UTC
Guarddog doesn't seem to have its settings loaded at boot, forcing the user to run it manually everytime the computer is started.

Searching in the forums I found this thread
http://forums.gentoo.org/viewtopic-t-402517-highlight-guarddog.html
with a proposed solution for this problem involving the creation of a init script in /etc/init.d and adding it to default

I modified it slightly and it works perfectly so far

Would it be possible to have the ebuild create such a script so that the user only had to run "rc-update add guarddog default" after emerging guarddog?

I'm attaching the script I'm using.

Thanks

Have fun,

jakomo

Reproducible: Always
Comment 1 Joaquim G Santos 2007-06-17 18:38:44 UTC
Created attachment 122349 [details]
proposed guarddog init script

Init script that placed in /etc/init.d and added to default loads guarddog's setting at boot
Comment 2 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2009-04-11 01:37:15 UTC
@treecleaners:

feel free to do your *magic* to this one.
Thanks
Comment 3 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2009-04-14 00:07:34 UTC
# Jeremy Olexa <darkside@gentoo.org> (14 Apr 2009)
# Masked for removal in 30 days. Dead upstream, no Gentoo maintainer, needs
# init script. bug 182373 - you can save this one by testing the init script
# and/or commenting on the bug.
net-firewall/guarddog
Comment 4 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2009-04-14 00:09:08 UTC
eh, 60 days is more appropriate IMO
Comment 5 Alexander Hadjiivanov 2009-04-18 02:06:28 UTC
I added the init script to the boot level and it works perfectly, and so does guarddog for that matter. I hope it's not removed or masked. We still need an updated ebuild which installs the init script, though.
Comment 6 Jacob Martin 2009-04-22 04:19:11 UTC
Just want to save this project.  Guarddog is a good program.
Comment 7 movrev 2009-04-23 04:00:16 UTC
I've been using this precise script (most probably coming from this same bug report) since 2007-9-8 (based on last modification date) without a problem.

I have very little recollection of adding the script myself, but according to the forum thread that's referred to in the report, I might have been experiencing the same issues when I decided to add it.

In any case, right now guarddog is the only gui app I use to configure iptables (from the moment firestarter was taken off from portage) and I most definitely don't want to see it go.

Please, unless you have some other reason to discontinue this ebuild, and have a suitable app to replace it, I'd rather have you add this script to the guarddog ebuild and keep the package in portage.

Thanks.
Comment 8 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2009-04-23 04:15:49 UTC
yup, i'll get to it soonish. not to fear
Comment 9 Jeremy Johnson 2009-04-23 21:34:30 UTC
I too find guarddog an easy-to-use gui for quickly setting up a firewall.
And I also found that upon rebooting http browsing was blocked. My solution
was to simply add the guarddog bash script "/etc/rc.firewall" to my "/etc/conf.d/local.start script":
/etc/rc.firewall &>/dev/null
Once I get a guarddog rc.firewall script doing what I want, I usually just copy
the script to all my computers on my LAN that run identical firewalls. I have
some diskless thinclients which mount / over nfs, so in this case the rc.firewall script's "iptables -F" kills nfs. So instead I just copy a working "/var/lib/iptables/rules-save" to the thinclient and issue "iptables-restore </var/lib/iptables/rules-save" to load the new firewall. Thereafter, my thinclients' firewalls seem to work correctly upon rebooting (can browse www)

I still think guarddog is useful to newbies who need to setup a basic firewall.
Early on I did try some of the other gui firewall programs, but still found guarddog the easiest. I've also tried manually creating firewalls following
various Gentoo iptables guides. Probably the next easiest would be the curses-based script APF (Advanced Policy Firewall) 
<http://www.rfxnetworks.com/downloads/apf-current.tar.gz>
Comment 10 Jonathan 2009-04-25 15:22:45 UTC
I've been using guarddog to configure firewall and find it easy to use. An init script for the e-build would be a useful addition.

Prefer to keep the option to install guarddog on gentoo ... even without the init script as part of the ebuild!(In reply to comment #9)
Comment 11 Ryan Hill (RETIRED) gentoo-dev 2009-04-25 18:34:23 UTC
you see above where he says he'll get to it soon?  relax.
Comment 12 Jacob Martin 2009-04-29 02:11:29 UTC
The initscript works for me and so does guarddog.  amd64
Comment 13 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2009-04-29 02:32:11 UTC
Alright people, test out 2.6.0-r1 and I will lift the mask. I don't have kde installed and won't install it to test so someone will have to confirm that it still installs correctly.

(removing kde because they don't want to maintain this app anymore)
Comment 14 movrev 2009-04-30 06:06:47 UTC
I unmasked and installed 2.6.0-r1 and proceeded to check the startup script (which was rewritten through etc-update) and then restart it. Everything ran like a charm.

I don't use KDE, so I can't answer if it installs correctly when using it. I'm currently running gnome-light if the info is of any use.

Thanks for updating the ebuild.
Comment 15 Jonathan 2009-04-30 20:53:47 UTC
Tried version 1.6.0-r1 with kde 3.5 on x86. Guarddog works, can add with rc-update add guarddog default to startup.
Comment 16 Jonathan 2009-04-30 20:58:37 UTC
Tried version 2.6.0-r1 with kde 3.5 on x86. Guarddog works, can add with rc-update add guarddog default to startup.
Comment 17 Jeremy Olexa (darkside) (RETIRED) archtester gentoo-dev Security 2009-04-30 21:13:37 UTC
Thanks for testing everyone. I removed the old versions and only 2.6.0-r1 is left. There is a pending stablereq in bug 268040.

This bug is resolved, closing.