(old)Puppy Linux Discussion Forum

It isn't pretty, but it will tell you exactly what your firewall is doing. A must-have for diagnosing problems with file/print sharing.

Run it from the Network menu or from an optional tray applet.

For users who are afraid that their firewall might spontaneously turn itself off, and want a tray icon to inform them when it happens, and are willing to sacrifice the extra CPU cycles to run it, go here.

The 64bit of PFM version is here.

Update: Version 1.5 now works in 6-series Puppies and uses the original, reliable Linux Firewall. This version is backwards-compatible with the 4-series, including the tray applet.

Update: Version 1.6 can build the firewall for a trusted LAN. This lets you share services with other hosts on your local network while blocking any external traffic. For example: you can access a networked printer that uses some unknown port, or you can run a SAMBA server that client computers can see through the firewall.

If you really, really think that you need a firewall, this is the most flexible setup. Running a firewall, then opening individual ports is stupid.

Update: Consider this situation: your laptop is connected to your home network using Trusted LAN. You go outside and connect to a public WiFi hotspot with a different network. Now you do NOT want to be using Trusted LAN. In fact, you should have ZERO open ports! PFM v1.9 has a button that restores the default maximum firewall.

If you take your laptop to a friend's house and join their network to share files, you must re-run Trusted LAN. Do it AFTER you have received an IP address on the new network.

Update: V2.1 recognizes multiple networks. For example, you could raise the maximum firewall against your main network while treating a WiFi Direct printer as a trusted LAN.

Or you could leave your wired network open for sharing but raise a firewall against a wireless connection.

-----------------------------

Good simple way to control firewall.
Thanks!

Works in Slacko 5.6.3 test version made with Woof-CE.

One really good, needed feature, I am not seeing.
The icon, on the task bar, does not change, indicating the state of the firewall.

That is the one feature of Firewallstate that I like.
A quick look at icon tells you if firewall is on or off.
The icon changes with state of firewall.

bigpup wrote:One really good, needed feature, I am not seeing. The icon, on the task bar, does not change, indicating the state of the firewall.

That's not a feature of the applet. This is meant primarily as a diagnostic tool where you can see the explicit words ON or OFF.

Here is the problem with the icon. I have participated in numerous frustrating episodes where people could not get file/print sharing to work because the firewall was on when they were convinced that it was off. Either the icon was not working or they were interpreting it wrong.

Sometimes, a word is worth a thousand pictures.

This is a great addition to Puppyland. I had hinted at this before. Every PUP distro benefits from management like this.

Other features, should there be a future enhanced version is a firewall monitor option to show one of the following

• ports open/blocked
• a ports changer/configurator

This tool could be an addition or replacement to the current confusing tool making it easy for new user (any user) to understand and follow.

Question

• Is this aimed for 32bit, 64bit or both?

Hope this helps

gcmartin wrote:ports open/blocked

I have posted v1.4 that shows a list of open ports when the firewall is up. Please test and report.

This tool could be an addition or replacement to the current confusing tool making it easy for new user (any user) to understand and follow.

Here is the more important issue. Why does Puppy make it so easy for beginners to turn on a firewall when many of them (those on a local network behind a router) really don't need it?

Is this aimed for 32bit, 64bit or both?

Have you tested it yourself on a 64-bit machine?

chmod +x /root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray
/root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray

Seems to work with Puppy-4
GNU C Library stable release version 2.6.1, by Roland McGrath et al.

May I ask where the binary is from ?

Karl Godt wrote:chmod +x /root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray
/root/Downloads/peasyfwmon-1.4/root/Startup/peasyfwmon_tray

With good reason. I want the tray applet to be optional. This is primarily a diagnostic tool.

May I ask where the binary is from ?

Attached.

Installed and runs fine in xprecise 2.2 (precise 5.6.1 based), LxPup 13.10 (slacko 5.6 based), and in Carolite 1.1 (Racy 5.2.2 based). Nice to have quick confirmation of port status without having to scan separately.

Thanks for testing.

rcrsn51 as you know by now I am not very bright

Do you tell us that the icon that shift in the tray
does not show reality. While your monitor
is a reliable such indicator. Then I should get that program.

nooby wrote:Do you tell us that the icon that shift in the tray does not show reality. While your monitor is a reliable such indicator.

I'm not making that claim. I am just providing an alternate diagnostic tool that may be useful in some situations.

Much appreciated.

Useful app. I have installed it on ThinSlacko 5.3.3t (2012 version) and it works perfectly.

I like the way you can choose to add the peasy app icon to the tray and also remove it when desired.

If I had any suggestion it would be that due to weakening eyesight I would like to see the peasymonitor icon slightly bigger and maybe rectangular. It looks good with the flames ("fire") but if it was rectangular it would also look like a "wall". (I really should put my glasses on, but without them it looks a bit like a batman icon).

(it's mostly the fact I'm viewing it on a tiny netbook screen that isn't helping my vision limitations

ps: it doesnt tell me that my internet port is open, but I think I've read before that puppy doesn't tell you if port 80(?) is open. Would that be correct?

greengeek wrote:it doesnt tell me that my internet port is open, but I think I've read before that puppy doesn't tell you if port 80(?) is open.

Port 80 isn't open because you are not running a web SERVER. When you run a web browser CLIENT, it temporarily opens various high-numbered ports to communicate with servers elsewhere.

There are lots of firewall icons on the web.

1. Download one and open it in mtPaint
2. Convert it to a 16x16 XPM graphic
3. Save it as mini-firewall.xpm
4. Copy it to /usr/local/lib/X11/mini-icons
5. Reboot

Thanks! I found an icon and modified it to suit. It is the one that looks like a yellow giraffe thingy. (must be something wrong with mtPaint...)

This is a very nice addition to desktop and tray.

Ideas for future version(s)
Idea 1
Ports are opened as individual or port-groups, If you consider that an instance, whether individual or group is a single entity, then one can logically count all of the entities to get a total number of entities open on the PC.

This total can update the taskbar icon similar to the icon that show system demand. Thus, at a glance, the PFW icon could show the number of open entities (referring to "port entities").

Idea 2
Is there a front-end app/dialogue that could be used to open or close specific ports on the system? And, if so, could the monitor launch it from its pop-up?

Just a couple of ideas to help.

Thanks for all you do to help all of us
Edited: to avoid a mis-conception

gcmartin wrote:Is there a front-end app/dialogue that could be used to open or close specific ports on the system? And, if so, could the monitor launch it from its pop-up?

No. This is not a firewall administration tool. It is just a diagnostic tool for checking the status of the firewall. See above.

Ports are opened as individual or port-groups, If you consider that an instance, whether individual or group is a single entity, then one can logically count all of the entities to get a total number of entities open on the PC. This total can update the taskbar icon similar to the icon that show system demand. Thus, at a glance, the icon could show number of open entities.

???????

rcrsn51 wrote:???????

I have edited that post to try to clarify one of the ideas. To rephrase:
(Assuming you understood the portion of the "entity".) In this case, the entity is a designation of a port or single consecutive group of ports that is open. The total of those open constitutes some integer which can be updated in the "Peasy Firewall Monitor's" (PFW) taskbar icon.

This has the benefit of allowing the desktop user to see open ports at a glance at the taskbar. Should one notice that the PFW icon shows a change, it would be a signal to investigate.

Hope this is clearer.

On the other idea: I did comment that its just an idea for some future consideration. It is NOT to be taken as a request. Should you see value in anything that is offered in that post, feel free to exploit it appropriate as you see.PFW in the future.

I did understand that the product is a management and reporting product. Management because it possesses the managing ability to start/stop as well as set controls in the system behavior. As such, I offer the ideas for future. I see value in what you have already presented. Thanks.

Hope this helps ... and pardon any prior typos.

It may be a bit late in the day for this, but I am using Puppy-4.1.2 and Peasy Firewall Monitor works fine but I am unable to get the icon to appear in the tray. Any ideas?

Glad you like it. I still use PFM in situations where I need to be absolutely certain about the status of the firewall.

The tray applet was compiled in a 5-series Puppy and is not backwards compatible with the 4-series.