The firewall wizard

The Firestarter firewall wizard is automatically launched when you start the program the first time. If you want to return to the wizard at a later time, it is also accessible from the Firewall menu in the main interface. All of the choices made in the wizard can however also be changed through the preferences.

Network device setup

This page of the wizard is for configuring the primary network device; that is, your Internet connected network adapter.

The wizard automatically discovers all devices that are currently present in your machine. Generally, you will use either a pppxx or ethxx device, unless you have some special hardware. ppp is usually associated with a dial-up device while eth is the norm for most broadband connected machines.

Some cable modem users might have to select ppp0 as their device, even if there is also the choice of selecting eth0. This is because of the PPPoE protocol used by their ISP. If you see a ppp device in the list, and you do not have a modem, you probably must select it as your network device.

The following two options are available:

• Start the Firewall on dial-out
  If you have a dialup (PPP) device or a VPN interface where the connection will be down occasionally, you should select this option. When enabled, Firestarter will try to reload the firewall as soon as the connection is established.
• IP address is assigned via DHCP
  If your network settings such as the IP address of you computer is distributed via DHCP, you should enable this option. If you are connecting to the Internet using a cable, DSL or direct Ethernet connection you should almost always select this option. It is perfectly safe to select this option even if there is no DHCP server on your network. With this option enabled, Firestarter will reload the firewall when your network settings change.

Internet connection sharing setup

Internet connection sharing allows several machines to access the Internet trough a single network connection. This is done using NAT. To the outside world the group of machines will look like a single machine with a single IP address.

For NAT to work you need two or more network devices in your machine. If you only have one device this page will not show in the wizard. To enable NAT, simply select a device from the drop down list of autodetected devices. You must select a device other than the one you selected on the previous page.

For an in-depth look at the subject, as well as how to configure the DHCP service, read our guide to Internet connection sharing. Generally however, both NAT and DHCP will work out of the box simply by enabling them in the wizard, without the need to configure anything.

Ready to start the firewall

At the final page you have to option to either discard your changes or accept and save your choices. As soon as you click save, the firewall is started.

At this point Firestarter will be working in its default secure mode and there is no immediate need to further configure anything. The default mode implements a restrictive policy for incoming traffic and a permissive stance towards outgoing connections. For more information about the default mode of operation and how to change it, refer to the section on creating policy.

Firestarter and all the contents on this page are © 2000-2007 Tomas Junnonen.
Firestarter is distributed under the terms of the GPL.