activate/deactivate firewall using Porteus Settings Centre

Post here if you are a new Porteus member and you're looking for some help.
port
Samurai
Samurai
Posts: 137
Joined: 18 Feb 2016, 09:25
Distribution: Linux porteus 3.2.2 KDE
Location: Spain

activate/deactivate firewall using Porteus Settings Centre

Post#1 by port » 25 Nov 2016, 11:19

I have a doubt about deactivating firewall using Porteus Settings Centre (PSC).

The PSC scripts seems to manage activation and deactivation by setting or unsetting execution permission to file /etc/rc4.d/S-firewall.sh which it creates if doesn't exits.

So when you select 'Activate firewall when Porteus starts' checkbox the PSC script run a 'chmod +x /etc/rc.d/rc4.d/S-firewall.sh' command and if not checked it runs the same chmod command but with -x argument.

Code: Select all

----file /opt/porteus-scripts/porteus-settings-centre ----

       '`chkbox $FWALL chkFirewall "Activate firewall when Porteus starts"`'
                <action>if true chmod +x /etc/rc.d/rc4.d/S-firewall.sh</action>
                <action>if false chmod -x /etc/rc.d/rc4.d/S-firewall.sh</action>
                <action>if true cp -a --parents /etc/rc.d/rc4.d/S-firewall.sh $PSC_SETTINGS</action>
                <action>if false cp -a --parents /etc/rc.d/rc4.d/S-firewall.sh $PSC_SETTINGS</action></checkbox>
That's ok but the PSC script seem to do nothing with /etc/rc.d/rc.Firewall execution bit, so it remains +x and thus rc.services call it when booting to start firewall:

Code: Select all

----file /etc/rc.d/rc.services ----

# Enable firewall:
[ -x /etc/rc.d/rc.FireWall ] && sh /etc/rc.d/rc.FireWall start &
so, that way firewall is always activated when booting Porteus, it is not possible to switch off from booting using PSC, the only way to switch it off is manually clearing x bit of rc.Firewall:

Code: Select all

# chmod a-x /etc/rc.d/rc.FireWall
anyway, why using two models (slackware bsd scripts and slackware sysV-like scripts) to manage firewall activation at boot? wouldn't it be better for PSC to simply toggle x bit of /erc/rc.d/rc.FireWall file rather than create a sysV script file and toggle that (/etc/rc.d/rc4.d/S-firewall.sh)? and if doing that way using file S-firewall.sh I think PSC script should handle both files (rc,FireWall and S-firewall.sh), shouldn't it?

Is this ok? or I am misunderstanding something...

donald
Full of knowledge
Full of knowledge
Posts: 2064
Joined: 17 Jun 2013, 13:17
Distribution: Porteus 3.2.2 XFCE 32bit
Location: Germany

Re: activate/deactivate firewall using Porteus Settings Cent

Post#2 by donald » 25 Nov 2016, 14:10

port wrote:I have a doubt about deactivating firewall using Porteus Settings Centre (PSC).
confirmed
MS would call this a feature to protect users.. :)
However, for now

Code: Select all

# Enable firewall:
# [ -x /etc/rc.d/rc.FireWall ] && sh /etc/rc.d/rc.FireWall start &
in /etc/rc.d/rc.services should make it work.

port
Samurai
Samurai
Posts: 137
Joined: 18 Feb 2016, 09:25
Distribution: Linux porteus 3.2.2 KDE
Location: Spain

Re: activate/deactivate firewall using Porteus Settings Cent

Post#3 by port » 25 Nov 2016, 14:43

donald wrote: However, for now

Code: Select all

# Enable firewall:
# [ -x /etc/rc.d/rc.FireWall ] && sh /etc/rc.d/rc.FireWall start &
in /etc/rc.d/rc.services should make it work.
yes and also the more slacky-way command:

Code: Select all

# chmod a-x /etc/rc.d/rc.FireWall
get slack! ;-)


But the real question here is why it is done this way, and why not to simply use rc.FireWall , I mean replacing these lines of /opt/porteus-scripts/porteus-settings-centre:

Code: Select all

       '`chkbox $FWALL chkFirewall "Activate firewall when Porteus starts"`'
                <action>if true chmod +x /etc/rc.d/rc4.d/S-firewall.sh</action>
                <action>if false chmod -x /etc/rc.d/rc4.d/S-firewall.sh</action>
                <action>if true cp -a --parents /etc/rc.d/rc4.d/S-firewall.sh $PSC_SETTINGS</action>
                <action>if false cp -a --parents /etc/rc.d/rc4.d/S-firewall.sh $PSC_SETTINGS</action></checkbox>
with another these:

Code: Select all

       '`chkbox $FWALL chkFirewall "Activate firewall when Porteus starts"`'
                <action>if true chmod a+x /etc/rc.d/rc.FireWall</action>
                <action>if false chmod a-x /etc/rc.d/rc.FireWall</action>
                <action>if true cp -a --parents /etc/rc.d/rc.FireWall $PSC_SETTINGS</action>
                <action>if false cp -a --parents /etc/rc.d/rc.FireWall $PSC_SETTINGS</action></checkbox>

User avatar
brokenman
Site Admin
Site Admin
Posts: 6105
Joined: 27 Dec 2010, 03:50
Distribution: Porteus v4 all desktops
Location: Brazil

Re: activate/deactivate firewall using Porteus Settings Cent

Post#4 by brokenman » 25 Nov 2016, 21:59

Thanks. Updated in tree.
How do i become super user?
Wear your underpants on the outside and put on a cape.

port
Samurai
Samurai
Posts: 137
Joined: 18 Feb 2016, 09:25
Distribution: Linux porteus 3.2.2 KDE
Location: Spain

Re: activate/deactivate firewall using Porteus Settings Cent

Post#5 by port » 25 Nov 2016, 22:49

brokenman wrote:Thanks. Updated in tree.
you're welcome, I'm happy helping to test porteus and make it better, the more I look at porteus internals the more I appreciate your hard & pretty work.

brokenman, I suppose using rc.FireWall makes unuseful the file S-firewall.sh so you can avoid the code to create it when not found, is it right? this way you end with a better script not having raw code for a file inside

Post Reply