IqFIRE-wall installation
Pre-install considerations: what is a firewall, what is ipfire-wall?
Installing a firewall into a computer means adding a level of protection to your machine connected to the Internet, blocking undesired traffic and refusing connections towards and from malicious attackers over the network. A firewall establishes a set of rules to allow or block internet communications, depending on the administrator's policies. Normally, in a Linux system, a firewall is configured by the root user through command line interfaces or graphical tools, provided by many software applications. If you are interested in learning the official linux firewalling framework, then you should have a look at the netfilter/iptables infrastructure, or read a short presentation of the Netfilter/iptables architecture (in italian).
Installing ipfire-wall means to have a simple firewall at your disposal, with a simple user interface, allowing also a normal (not only the administrator) user to insert his policies and to personalize the software appearence and behaviour. Moreover, ipfire-wall/iqfire-wall is a good educational and instructive tool for non expert users who want to learn Linux and in particular its networking framework and implementation. The Infrastructure and Peculiarities paragraph in the ipfire-wall introduction page might be interesting to describe the particularities of the software architecture.
Installing ipfire-wall into your system
The ubuntu specific installation files are now available on the sourceforge.net web site!
IqFIRE-wall needs some packages and libraries to work correctly. If you have ubuntu, kubuntu or debian linux installed then you can directly read the
- Ubuntu or Kubuntu 8.04 (also KDE4 Remix) packages;
- ubuntu 7.04 or generic ubuntu iqfire-wall installation instructions;
- debian iqfire-wall installation instructions.
The Ubuntu or Kubuntu 8.04 installation instructions represent the easiest way to install iqfire-wall, and it is the recommended choice for the owners of the 8.04 version of ubuntu (or kubuntu).
The generic instructions apply to all linux distributions, and they explain how to build ipfire-wall from the software sources, and they are addressed to users having other linux distributions than ubuntu/kubuntu, version 8.04, or curious/expert people.
Generic instructions and requirements for iqfire-wall installation
- Administration rights
- To install iqfire-wall, you need to have administrative rights on the computer.
This means that you have the root password. Provided this, all the commands
and actions proposed in this installation guide must be executed as root.
Usually, a normal user can achieve the administrator's privileges by typing
su -
on a command line prompt (a terminal such as Gnome-Terminal or Kde Konsole), or (i.e. Ubuntu/Kubuntu distributions prepending the command
sudo
to every command suggested in the instructions on this page.
In any of the two cases, the root password is required (or your password/sudo password if using sudo, for example in ubuntu). - Dependencies/requirements
- Linux kernel series 2.6.x, with x possibly greater than 18 (visit www.kernel.org;
- development environment, including the c, c++ compilers (gcc suite);
- the Qt version 4 development libraries, usually called something like libqt4, libqt4-dev, libqt4-core, libqt4-gui...
- the KDE version 4 basic libraries and the konsole for kde4 package. The basic libraries must also include the development files, because iqfire-wall uses the konsole for kde4 as a part in the main window, and such libraries are needed to embed a terminal into another window as a part. In the KDE web site one can find the installation instructions for the new version of kde4;
- the Qwt widgets for technical applications libraries, which provide the layer to develop the statistic graph inside iqfire-wall. These libraries must be version 5 and must be downloaded/compiled with support for Qt4, not Qt3. The download page is here;
- Installation
- the ipfire-wall kernel module;
- the ipfire-wall console firewall (the console version, as it was until version 0.98.6);
- the new iqfire-wall graphical user interface.
- Download the IqFIRE-wall sources choosing one of the two methods listed below:
- the .tar.gz package from sourceforge.net, which represents the latest package of the firewall distribution;
- the latest snapshot available, containing the most up to date modifications on the
code of iqfire-wall, via the CVS
sourceforge.net repository:
- open a terminal in your linux desktop;
- execute cvs -d:pserver:anonymous@ipfire-wall.cvs.sourceforge.net:/cvsroot/ipfire-wall login
- execute cvs -z3 -d:pserver:anonymous@ipfire-wall.cvs.sourceforge.net:/cvsroot/ipfire-wall co -P IPFIRE-wall
- if you downlaoded the .tar.gz package, unpack it the in a directory of your choice and extract it right clicking on the IPFIRE-wall-x.y.z.tar.gz icon and choosing the correct action to extract the .tar.gz archives or give the command tar -xzf IPFIRE-wall.x.y.z.tar.gz from the command line;
- open a terminal and change directory into IPFIRE-wall's: cd /directory/of/download/IPFIRE-wall-x.y.z;
- build and install the firewall launching the script install.sh with the command ./install.sh, and confirming with the key return at the first installer question.
- If you are installing under debian GNU/Linux, remember the parameter debian when launching the install script (i.e. ./install.sh debian);
- If something fails, read the Requirements once again to be sure you did not forget to install a needed dependency.
- Once installed correctly, to start the firewall, open a terminal, become root
by executing
su -,
provide the administration password and type
/etc/init.d/rc.ipfire start.
This will load the ipfire-wall framework into the system, the default rules and configuration that the firewall comes with at the moment of the first installation.-
Note:
- if you normally use sudo to execute programs which require administration privileges (for instance if you run an ubuntu based Linux distribution), then instead of executing su - in the step above, just type sudo /etc/init.d/rc.ipfire start at a command line prompt.
- The graphical user interface can be executed from the Applications menu in
the Gnome or KDE panel, Internet submenu.
In that submenu, three launchers are available:- ipfire-wall command line interface, the older console interface;
- iqfire-wall graphical user interface, for normal user (recommended use);
- iqfire-wall graphical user interface executed as root, to be used by the system administrator to configure system wide rules and configurations, i. e. the rules loaded at computer startup and valid for each user. You might be interested in reading the ipfire-wall documentation to learn about the architecture of ipfire-wall and the administrator/unprivileged users relationships.
- If you go to your desktop panel and click on the applications menu (menu K on KDE or Applications on Gnome), you should find a launcher for iqfire-wall under the Internet submenu. Click on it to launch iqfire-wall;
- optionally, you can drag with the mouse the icon above and drop it into the desktop workspace to create a launcher inside your desktop.
- To later reinstall iqfire-wall, re-run the script install.sh as above, adding the parameter clean to the invocation command.
The installation steps consist into downloading and installing iqfire-wall on your system. iqfire-wall is hosted on sourceforge.net since the creation of the project ipfire-wall. Actually, the project has the same name although the package IPFIRE-wall now contains iqfire-wall too. You will be able to download the official releases, packaged as tar.gz compressed archives, or to choose the snapshots from the CVS repository, which ensure the most up to date code available.
The package, both from tar.gz compressed archives or CVS includes
iqfire-wall is (C) Giacomo Strangolino and is subject to the GPL licence.