Firewall status tray icon - firewallstate-2.1

Configuration wizards, scanners, remote desktop, etc.
Message
Author
User avatar
bigpup
Posts: 13886
Joined: Sun 11 Oct 2009, 18:15
Location: S.C. USA

#41 Post by bigpup »

chrome307 wrote:Thanks for this :)

I have also noticed that it disappears after a short period of time but will reappear if you select it via the menu. ( firewallstate-1.1 )

I would have like it to remain as a permanent fixture to remind me that the firewall is activated.
Same for me with version1.1 installed in Lucid Puppy.
After select it via the menu. Appears in tray for 10 to 15 minutes and again disappears.
Not a big deal. Just wanted you to know about it.

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#42 Post by jpeps »

Great script! Working nicely in Quirky.

edit: also disappears from tray, as noted.

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#43 Post by tasmod »

OK I've just been away a few days, now I'll work on it.

Bit difficult for me as it doesn't do it !

It appears to be an X related problem, not a code problem so I'm a bit stumped.

I'll post up the code that I have for now. It has not been tidied up and could be done differently.

EDIT: Removed code as changed yet again.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#44 Post by tasmod »

OK, I think I have a slight clue as to what is happening, why though I'm just guessing.

The 'interval' loop routine is returning a FALSE at some point and exiting. It shouldn't, it should always be TRUE but I think my information routine changes result at some point. So it would return a different value, maybe causing the FALSE return.

I've changed the code and just checking it out. If it works it will be a few cycles quicker.

I moved the info routine out of the repeating loop and made a separate entry for it.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#45 Post by tasmod »

Version 1.2

OK, had this version running since last post on a new fresh install of Luci 506. It didn't vanish.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#46 Post by jpeps »

It looks like the script posts "Firewall On" if rc.firewall is present, even if $MODULE has been removed, or am I missing something?

edit: If so, one way would be to check the presence of iptable in loaded mods.

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#47 Post by tasmod »

No, quite simple really.

It was meant for a first run tray applet for new Puplets. Just to remind you to turn on the firewall by running the wizard.

So a new Puppy install would show as 'firewall off' and the option to run the wizard as a reminder in the tooltip. That's why I added the quit and remove.

Now, when you have a clean install the rc.local file has no entry for firewall. When you run the wizard it appends the 'firewall start' script instruction there. I just check for that script. i don't check for the rc.firewall.

In effect once the firewall wizard is run it should not need changing. However, if you wish to turn it off then alter the script to show 'firewall stop' not 'firewall start'
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#48 Post by tasmod »

OK, I see your point.

But the tray applets first intention wasn't to be a full time app, however i did change it subject to requests, so i suppose it had better be accurate in it's reporting.

I've just done a couple of experiments both loading and unloading modules.

My simple method will change state if the text is changed but not reflect an accurate actual change until rebooted.

Unloading the module has no effect on the script so firewallstate will be inaccurate.

I will experiment with code to look at running the lsmod output to a file and parse that checking for iptables.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#49 Post by jpeps »

I'd be happy with a simple entry on the info page, along with the other cats.

edit: firewall start/stop switch?

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#50 Post by tasmod »

Hmmm, I've carried out further tests.

The only way to turn the firewall off easily is to change the text in rc.local to 'firewall stop' and reboot. Otherwise delete the rc.firewall and reboot again.
All require a reboot and the rc.local changes, so I can't see a reason to change the code at the moment. Unless anyone knows otherwise.

I have changed the code and tested but it is easier the original way as this seems to be universal in operation.

I wrote a pet to turn firewall on and off a while back, it's on here somewhere.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#51 Post by jpeps »

tasmod wrote:Hmmm, I've carried out further tests.

The only way to turn the firewall off easily is to change the text in rc.local to 'firewall stop' and reboot. Otherwise delete the rc.firewall and reboot again.
All require a reboot and the rc.local changes, so I can't see a reason to change the code at the moment. Unless anyone knows otherwise.

I have changed the code and tested but it is easier the original way as this seems to be universal in operation.

I wrote a pet to turn firewall on and off a while back, it's on here somewhere.

hm...looks like it works

Code: Select all

/etc/rc.d # ./rc.firewall stop
-> Projectfiles.com Linux Firewall version 2.0rc9 running.
-> Performing sanity checks. [ PASSED ]
-> Firewall disabled.

/etc/rc.d # ./rc.firewall start
-> Projectfiles.com Linux Firewall version 2.0rc9 running.
-> Performing sanity checks...... [ PASSED ]
-> Building firewall.... [ DONE ]
-> Successfully secured the following addresses: 192.168.1.112.

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#52 Post by tasmod »

I wrote the original pet to do just that.

I was setting up a router and network and kept getting weird results due to the firewall. So I quickly wrote the script and gui to turn it on and off whilst I carried out tests.
Zigbert incorporated in his all encompassing setup program.

I suppose I could incorporate it in the app along with a menu launch entry if you want.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#53 Post by jpeps »

tasmod wrote:I wrote the original pet to do just that.

I suppose I could incorporate it in the app along with a menu launch entry if you want.
Could be useful, and then the "firewall on(off)" message could simply be connected to the switch.

User avatar
8-bit
Posts: 3406
Joined: Wed 04 Apr 2007, 03:37
Location: Oregon

#54 Post by 8-bit »

Just what does a person need to change in rc.firewall to allow network printing to bypass the firewall?
The reason I ask is that if I set up the firewall accepting default, shared printers are not seen by linux guest systems.

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#55 Post by tasmod »

I'm no expert on the firewall but:

Try running the firewall wizard and use arrow key to scroll down and select custom.

Try enabling print spooler using spacebar as advised in tips.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#56 Post by 01micko »

8-bit wrote:Just what does a person need to change in rc.firewall to allow network printing to bypass the firewall?
The reason I ask is that if I set up the firewall accepting default, shared printers are not seen by linux guest systems.
In the custom section I put "631/tcp" .. seemed to work :? .. I can print puppy machine to puppy machine. Enabled some of the other things too. Forget exactly. Patriot would know or rcrsn51.

Cheers
Puppy Linux Blog - contact me for access

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#57 Post by tasmod »

OK, back on the code.

After testing I found the app would work for most users 100% but if a user used my on/off app or a cli command then it wouldn't reflect the status.

This is because the commands work direct with rc.firewall and do not write to the rc.local to reflect the change in realtime.

So code changed and checks lsmod for ip_tables at jpeps suggestion. (thanks)

Edit: removed icon code request. Now working.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

User avatar
chrome307
Posts: 708
Joined: Thu 15 Jan 2009, 11:00

#58 Post by chrome307 »

This seems to be working good for me, remains in the taskbar as I wanted :)

Thanks for this app!

User avatar
tasmod
Posts: 1460
Joined: Thu 04 Dec 2008, 13:53
Location: North Lincolnshire. UK
Contact:

#59 Post by tasmod »

Thanks for the feedback, much appreciated.

Version 1.3 posted, works regardless of commands issued elsewhere.
Incorporates ON/OFF in menu, should you need it.

Regarding the External IP address info. It's been interesting seeing my external IP change occasionally by BT.
Rob
-
The moment after you press "Post" is the moment you actually see the typso 8)

User avatar
chrome307
Posts: 708
Joined: Thu 15 Jan 2009, 11:00

#60 Post by chrome307 »

@tasmod

I'm using v1.2 .... hadn't realised you'd updated it again!!

lol ... I even used it to correct my location settings for time!!

Post Reply