Start Firestarter without a password
This how-to will let you start Firestarter automatically without having to enter a password for it, but also not editing /etc/sudoers and, thus, giving access to anyone to change it.
Actually, this how-to was originally developed by kukibird1 in this thread; I put it here so it is more visible.
0. Understand what Firestarter is
Firestarter is not the firewall, just a nice tool to configure iptables, the actual firewall.
Iptables resets itself after reboot, so Firestarter is meant to start at boot and recreate iptables' rules. This is made before even GNOME/KDE/Xfce is started, so you won't see anything...
You don't need to open Firestarter to be protected... So, any solution that makes Firestarter open (not only start) will prompt you for the "sudo" password and, because that's nasty, you're told to edit /etc/sudoers... Not good.
1. Is it really Firestarter your problem?
How do you know if Firestarter is your problem? Please, do this test:
1. Reboot your machine.
2. After having logged in as normally, go to a Terminal (Applications --> Accessories --> Terminal) and type:sudo iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
2. Fix it!
(To do this succesfully don't open Firestarter)
1. Enter Terminal (see above)
2. Type:gksudo gedit /etc/firestarter/firestarter.sh
if [ "$MASK" = "" -a "$1" != "stop" ]; then
echo "External network device $IF is not ready. Aborting.."
exit 2
fi
4. Make that paragraph look exactly like this (put a # before each line):#if [ "$MASK" = "" -a "$1" != "stop" ]; then
#echo "External network device $IF is not ready. Aborting.."
#exit 2
#fi
6. Enter a Terminal and type "sudo iptables -nL" again. It should be different to what you saw at the beginning.
7. Open Firestarter, go again to Terminal and type "sudo iptables -nL" again. It should be the same as in step 6.
8. Review Firestarter configuration to see if it's correct (there's no particular reason to do this, just to be sure you're protected).
Now, you (and all users) are protected from boot, without messing around with sudo's configuration! You'll have to enter the password to access Firestarter, but as you usually do with other administrative apps.
Reasonale
It seems (to me) that Firestarter thinks the network is not configured, so, without network, no firewall is needed and shuts down with an error. Putting those # is equivalent to delete the code that analizes that error, so this fix forces Firestart to start ignoring that "error" (?).