Basic Configuration
The author has provided the Firestarter utility - an OS/2 REXX program - that will
take the user through basic configuration of the firewall.
Please read the disclaimer first
Download Firestarter here
To run Firestarter, open an OS/2 window and type
firestarter at the command prompt.
Alternatively, to manually configure the firewall, complete the
5 steps outlined below:
Check your CONFIG.SYS file for the following lines and add them if they are not
present (the drive letter will be whichever drive you are running OS/2 on):
DEVICE=C:\MPTN\PROTOCOL\FWIP.SYS
DEVICE=C:\MPTN\PROTOCOL\IPSEC.SYS
(Note: FWIP.SYS is the filter driver device from IPSec. IPSEC.SYS provides the
framework for IPSec, and in this context is only needed to implement packet logging.)
Create the following configuration file:
\MPTN\ETC\FWSECAD.CNF
List the IP addresses (in dotted decimal form) of any interfaces you want to be secure
in this file, one per line. Any interfaces not listed will be non-secure.
Create the following configuration file (you will probably need to create the SECURITY
sub-directory first):
\MPTN\ETC\SECURITY\FWFILTRS.CNF
This file is the firewall filter rules list.
It is not necessary to enter any rules
at this stage, as they will be explained later.
Reboot your computer, to allow the changes to update. You must do this, otherwise
the next step will not work.
Open an OS/2 window and, at the command prompt, type the following command:
cfgfilt -u -i
This activates the filter support code. It also switches the firewall on,
by automatically issuing the inetcfg -s firewall 1
command.
To find out more about cfgfilt
go here
To find out more about inetcfg
go here
Basic configuration is now complete.
The firewall should be up and running and blocking all traffic.
Now go to Filter Rule Definition