Peasy Firewall Monitor

Problems and successes with specific brands/models of networking hardware.
Message
Author
User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

Peasy Firewall Monitor

#1 Post by rcrsn51 »

It isn't pretty, but it will tell you exactly what your firewall is doing. A must-have for diagnosing problems with file/print sharing.

Run it from the Network menu or from an optional tray applet.

For users who are afraid that their firewall might spontaneously turn itself off, and want a tray icon to inform them when it happens, and are willing to sacrifice the extra CPU cycles to run it, go here.

The 64bit of PFM version is here.

Update: Version 1.5 now works in 6-series Puppies and uses the original, reliable Linux Firewall. This version is backwards-compatible with the 4-series, including the tray applet.

Update: Version 1.6 can build the firewall for a trusted LAN. This lets you share services with other hosts on your local network while blocking any external traffic. For example: you can access a networked printer that uses some unknown port, or you can run a SAMBA server that client computers can see through the firewall.

If you really, really think that you need a firewall, this is the most flexible setup. Running a firewall, then opening individual ports is stupid.

Update: Consider this situation: your laptop is connected to your home network using Trusted LAN. You go outside and connect to a public WiFi hotspot with a different network. Now you do NOT want to be using Trusted LAN. In fact, you should have ZERO open ports! PFM v1.9 has a button that restores the default maximum firewall.

If you take your laptop to a friend's house and join their network to share files, you must re-run Trusted LAN. Do it AFTER you have received an IP address on the new network.

Update: V2.1 recognizes multiple networks. For example, you could raise the maximum firewall against your main network while treating a WiFi Direct printer as a trusted LAN.

Or you could leave your wired network open for sharing but raise a firewall against a wireless connection.

-----------------------------
Attachments
peasyfwmon-2.1.pet
Updated 2017-07-25
This is 32bit - see page 3 for 64bit
Recognizes multiple networks
(23.71 KiB) Downloaded 949 times
screenie.png
(16.8 KiB) Downloaded 2713 times
Last edited by rcrsn51 on Fri 04 Aug 2017, 21:46, edited 53 times in total.

User avatar
bigpup
Posts: 13886
Joined: Sun 11 Oct 2009, 18:15
Location: S.C. USA

#2 Post by bigpup »

Good simple way to control firewall.
Thanks!

Works in Slacko 5.6.3 test version made with Woof-CE.

One really good, needed feature, I am not seeing.
The icon, on the task bar, does not change, indicating the state of the firewall.

That is the one feature of Firewallstate that I like.
A quick look at icon tells you if firewall is on or off.
The icon changes with state of firewall.
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected :shock:
YaPI(any iso installer)

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#3 Post by rcrsn51 »

bigpup wrote:One really good, needed feature, I am not seeing. The icon, on the task bar, does not change, indicating the state of the firewall.
That's not a feature of the applet. This is meant primarily as a diagnostic tool where you can see the explicit words ON or OFF.

Here is the problem with the icon. I have participated in numerous frustrating episodes where people could not get file/print sharing to work because the firewall was on when they were convinced that it was off. Either the icon was not working or they were interpreting it wrong.

Sometimes, a word is worth a thousand pictures.

gcmartin

Advancement in Firewall Management for the local PC

#4 Post by gcmartin »

This is a great addition to Puppyland. I had hinted at this before. Every PUP distro benefits from management like this.

Other features, should there be a future enhanced version is a firewall monitor option to show one of the following
  • ports open/blocked
  • a ports changer/configurator
This tool could be an addition or replacement to the current confusing tool making it easy for new user (any user) to understand and follow.

Question
  • Is this aimed for 32bit, 64bit or both?
Hope this helps

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

Re: Advancement in Firewall Management for the local PC

#5 Post by rcrsn51 »

gcmartin wrote:ports open/blocked
I have posted v1.4 that shows a list of open ports when the firewall is up. Please test and report.
This tool could be an addition or replacement to the current confusing tool making it easy for new user (any user) to understand and follow.
Here is the more important issue. Why does Puppy make it so easy for beginners to turn on a firewall when many of them (those on a local network behind a router) really don't need it?
Is this aimed for 32bit, 64bit or both?
Have you tested it yourself on a 64-bit machine?

User avatar
Karl Godt
Posts: 4199
Joined: Sun 20 Jun 2010, 13:52
Location: Kiel,Germany

#6 Post by Karl Godt »

chmod +x /root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray
/root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray

Seems to work with Puppy-4
GNU C Library stable release version 2.6.1, by Roland McGrath et al.

May I ask where the binary is from ?
«Give me GUI or Death» -- I give you [[Xx]term[inal]] [[Cc]on[s][ole]] .
Macpup user since 2010 on full installations.
People who want problems with Puppy boot frugal :P

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#7 Post by rcrsn51 »

Karl Godt wrote:chmod +x /root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray
/root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray
With good reason. I want the tray applet to be optional. This is primarily a diagnostic tool.
May I ask where the binary is from ?
Attached.
Attachments
peasyfwmon_tray_source.tar.gz
(657 Bytes) Downloaded 698 times
Last edited by rcrsn51 on Fri 17 Feb 2017, 20:48, edited 2 times in total.

User avatar
Marv
Posts: 1264
Joined: Wed 04 May 2005, 13:47
Location: SW Wisconsin

#8 Post by Marv »

Installed and runs fine in xprecise 2.2 (precise 5.6.1 based), LxPup 13.10 (slacko 5.6 based), and in Carolite 1.1 (Racy 5.2.2 based). Nice to have quick confirmation of port status without having to scan separately.
Pups currently in kennel :D Older LxPupSc and X-slacko-4.4 for my users; LxPupSc, LxPupSc64 and upupEF for me. All good pups indeed, and all running savefiles for look'n'feel only. Browsers, etc. solely from SFS.

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#9 Post by rcrsn51 »

Thanks for testing.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#10 Post by nooby »

rcrsn51 as you know by now I am not very bright :)

Do you tell us that the icon that shift in the tray
does not show reality. While your monitor
is a reliable such indicator. Then I should get that program.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#11 Post by rcrsn51 »

nooby wrote:Do you tell us that the icon that shift in the tray does not show reality. While your monitor is a reliable such indicator.
I'm not making that claim. I am just providing an alternate diagnostic tool that may be useful in some situations.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#12 Post by nooby »

Much appreciated.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#13 Post by greengeek »

Useful app. I have installed it on ThinSlacko 5.3.3t (2012 version) and it works perfectly.

I like the way you can choose to add the peasy app icon to the tray and also remove it when desired.

If I had any suggestion it would be that due to weakening eyesight I would like to see the peasymonitor icon slightly bigger and maybe rectangular. It looks good with the flames ("fire") but if it was rectangular it would also look like a "wall". (I really should put my glasses on, but without them it looks a bit like a batman icon).

(it's mostly the fact I'm viewing it on a tiny netbook screen that isn't helping my vision limitations :-)

ps: it doesnt tell me that my internet port is open, but I think I've read before that puppy doesn't tell you if port 80(?) is open. Would that be correct?

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#14 Post by rcrsn51 »

greengeek wrote:it doesnt tell me that my internet port is open, but I think I've read before that puppy doesn't tell you if port 80(?) is open.
Port 80 isn't open because you are not running a web SERVER. When you run a web browser CLIENT, it temporarily opens various high-numbered ports to communicate with servers elsewhere.

There are lots of firewall icons on the web.

1. Download one and open it in mtPaint
2. Convert it to a 16x16 XPM graphic
3. Save it as mini-firewall.xpm
4. Copy it to /usr/local/lib/X11/mini-icons
5. Reboot

User avatar
greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#15 Post by greengeek »

Thanks! I found an icon and modified it to suit. It is the one that looks like a yellow giraffe thingy. (must be something wrong with mtPaint...)
Attachments
New icon screenie.jpg
(5.27 KiB) Downloaded 3790 times

gcmartin

#16 Post by gcmartin »

This is a very nice addition to desktop and tray.

Ideas for future version(s)
Idea 1
Ports are opened as individual or port-groups, If you consider that an instance, whether individual or group is a single entity, then one can logically count all of the entities to get a total number of entities open on the PC.

This total can update the taskbar icon similar to the icon that show system demand. Thus, at a glance, the PFW icon could show the number of open entities (referring to "port entities").

Idea 2
Is there a front-end app/dialogue that could be used to open or close specific ports on the system? And, if so, could the monitor launch it from its pop-up?

Just a couple of ideas to help.

Thanks for all you do to help all of us
Edited: to avoid a mis-conception
Last edited by gcmartin on Fri 13 Dec 2013, 09:23, edited 3 times in total.

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#17 Post by rcrsn51 »

gcmartin wrote:Is there a front-end app/dialogue that could be used to open or close specific ports on the system? And, if so, could the monitor launch it from its pop-up?
No. This is not a firewall administration tool. It is just a diagnostic tool for checking the status of the firewall. See above.
Ports are opened as individual or port-groups, If you consider that an instance, whether individual or group is a single entity, then one can logically count all of the entities to get a total number of entities open on the PC. This total can update the taskbar icon similar to the icon that show system demand. Thus, at a glance, the icon could show number of open entities.
???????

gcmartin

#18 Post by gcmartin »

rcrsn51 wrote:???????
I have edited that post to try to clarify one of the ideas. To rephrase:
(Assuming you understood the portion of the "entity".) In this case, the entity is a designation of a port or single consecutive group of ports that is open. The total of those open constitutes some integer which can be updated in the "Peasy Firewall Monitor's" (PFW) taskbar icon.

This has the benefit of allowing the desktop user to see open ports at a glance at the taskbar. Should one notice that the PFW icon shows a change, it would be a signal to investigate.

Hope this is clearer.

On the other idea: I did comment that its just an idea for some future consideration. It is NOT to be taken as a request. Should you see value in anything that is offered in that post, feel free to exploit it appropriate as you see.PFW in the future.

I did understand that the product is a management and reporting product. Management because it possesses the managing ability to start/stop as well as set controls in the system behavior. As such, I offer the ideas for future. I see value in what you have already presented. Thanks.

Hope this helps ... and pardon any prior typos.

User avatar
tuxtoo
Posts: 173
Joined: Tue 14 Dec 2010, 19:45
Location: Knaresborough, North Yorkshire, UK
Contact:

Puppy 412

#19 Post by tuxtoo »

It may be a bit late in the day for this, but I am using Puppy-4.1.2 and Peasy Firewall Monitor works fine but I am unable to get the icon to appear in the tray. Any ideas?
Puppy Linux search engine.

[b][url]http://wellminded.net63.net/[/url][/b] Suitable for older browsers.

Mirror [b][url]https://puppysearch.neocities.org[/url][/b]

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#20 Post by rcrsn51 »

Glad you like it. I still use PFM in situations where I need to be absolutely certain about the status of the firewall.

The tray applet was compiled in a 5-series Puppy and is not backwards compatible with the 4-series.

Post Reply