Ok, after screwing around with Firestarter and DHCP several times on Ubuntu, I figured I’d write up my experiences on how to get it working correctly on the first try (with DHCP, I might add, as that’s where most of my problems came in).
Install Requirements
sudo apt-get install firestarter dhcp3-server
Configuring NICs
Make sure that your internal network card is assigned a static IP address in a range that you will use for you internal network.
To do this, go to System -> Administration -> Networking. Once there, go into the properties for the network card you will use for your internal/routed network (it will quite likely be disabled) and set it up as you deem necessary.
As a basic example, set the IP address to 192.168.0.1, and the subnet mask to 255.255.255.0. Leave the gateway empty.
Small Fix
To fix the problem where Firestarter cannot locate the DHCP daemon init script: From within a terminal type and run the following command (creating a symbolic link to fix the mis-reference; this is a simple alternative to editing Firestarter’s init script).
sudo ln -sf /etc/init.d/dhcp3-server /etc/init.d/dhcpd
This fixes the problem where Firestarter will sometimes say something along the lines of “An unknown error occured” when DHCP is enabled within its configuration. Sometimes the firewall will start anyway, but DHCP will remain off.
Configuring DHCP
Configure the interfaces on which DHCP will be listening Edit your /etc/default/dhcp3-server file (using a text editor running as root, or by logging in and running “sudo vi /etc/default/dhcp3-server”). The only variable in there by default is “INTERFACES”, which will have a null value. Set it to your internal network interface. For example:
# Defaults for dhcp initscript
# sourced by /etc/init.d/dhcp
# installed at /etc/default/dhcp3-server by the maintainer scripts
#
# This is a POSIX shell fragment
#
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="eth0"
Write the file and exit.
Run Firestarter
If this is your first time running Firestarter, the wizard should appear. If not, simply click Firewall -> Wizard from within Firestarter.
Select your external (Internet-connected) device when it asks, and make sure to specify whether or not the address is obtained via DHCP. Click the “Forward” button, check the “Enable Internet connection sharing” box, select your internal network card, and check the box for “Enable DHCP for local network”. Drop down the “DHCP server details” and enter the range of IPs you would like for it to dynamically assign.
Make sure they are in the same range as the static IP you set for your internal network card, also, for the DNS server field, you MUST supply an address – “” will *NOT* work. Simply look at your /etc/resolv.conf file if you need inspiration.
Click “Forward”, check the “Start firewall now” box, and click “Save”.
Conclusion
It took me a while to pinpoint the causes of various small problems I was having getting it to play nicely with DHCP, but I finally got it down and figured I’d share my experiences. Please let me know if you have any suggestions (I know I clumped everything together for that last step, but c’mon, it’s a wizard… It’s pretty freaking simple).
loading...
Submit A Comment