Ubuntu
fwbuilder package

Cannot install firewall using fwbuilder on Ubuntu 11.04

Asked by Pedro Cunha

Well, I've tried creating a simple ssh firewall following this guide (http://www.linux.com/learn/tutorials/445652:creating-firewalls-on-linux-manually-using-firewall-builde) after MANY unsuccessful attempts on my own, using fwbuilder.

Well, as it turns out, there seems to be a recurring problem, no matter what I do. Here's the log:

*******************************************************
Summary:
* Running as user : seltor
* Firewall name : firewall
* Installer uses user name : seltor
* Management address : 192.168.1.68
* Platform : iptables
* Host OS : linux24
* Loading configuration from file /home/seltor/sltwlan.fwb

Installation plan:
Copy file: /home/seltor/firewall.fw --> /etc/fw/firewall.fw
Run script echo '--**--**--'; chmod +x /etc/fw/firewall.fw; sudo -S /etc/fw/firewall.fw && ( test -f /var/run/shutdown.pid && sudo -S shutdown -c; echo 'Policy activated' )
S
Copying /home/seltor/firewall.fw -> 192.168.1.68:/etc/fw/firewall.fw
Running command '/usr/bin/fwbuilder -Y scp -o ConnectTimeout=30 -q /home/seltor/firewall.fw seltor@192.168.1.68:/etc/fw/firewall.fw'
lost connection
SSH session terminated, exit status: 1
Firewall policy installation failed

*******************************************************

So, I'm accessing the network through a wireless connection, which means the interface is wlan0. My network submask is 255.255.255.0, according to the network info Ubuntu is giving me, and my internal IP is 192.168.1.68, which is static.

Can anyone help me?

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu fwbuilder Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Vadim Kurland (vadim-fwbuilder) said : 		#1

FWbuilder built-in policy installer uses ssh to communicate with the firewall. From the installer log it looks like either sshd is not installed or not running on your system. Check if package "openssh-server " is installed. If it is installed and daemon is running, try to log in using simple command "ssh 192.168.1.68" and troubleshoot ssh access to make it work.

Also check if the directory /etc/fw exists and create it if it does not. Make sure permissions on the directory are set up so that user "seltor" can create files in it.

finally you need to make sure user seltor is allowed to use sudo. This may already be the case though.

This chapter of Firewall Builder Users Guide shows how to set this up using dedicated firewall administration account:

http://www.fwbuilder.org/4.0/docs/users_guide/install_with_regular_user.html

Can you help with this problem?

Provide an answer of your own, or ask Pedro Cunha for more information if necessary.

To post a message you must log in.