Basic Configuration




The author has provided the Firestarter utility - an OS/2 REXX program - that will take the user through basic configuration of the firewall.


Please read the disclaimer first

Download Firestarter here



To run Firestarter, open an OS/2 window and type firestarter at the command prompt.


Alternatively, to manually configure the firewall, complete the 5 steps outlined below:


  1. Check your CONFIG.SYS file for the following lines and add them if they are not present (the drive letter will be whichever drive you are running OS/2 on):

    DEVICE=C:\MPTN\PROTOCOL\FWIP.SYS

    DEVICE=C:\MPTN\PROTOCOL\IPSEC.SYS


    (Note: FWIP.SYS is the filter driver device from IPSec. IPSEC.SYS provides the framework for IPSec, and in this context is only needed to implement packet logging.)


  2. Create the following configuration file:

    \MPTN\ETC\FWSECAD.CNF

    List the IP addresses (in dotted decimal form) of any interfaces you want to be secure in this file, one per line. Any interfaces not listed will be non-secure.


  3. Create the following configuration file (you will probably need to create the SECURITY sub-directory first):

    \MPTN\ETC\SECURITY\FWFILTRS.CNF

    This file is the firewall filter rules list.
    It is not necessary to enter any rules at this stage, as they will be explained later.


  4. Reboot your computer, to allow the changes to update. You must do this, otherwise the next step will not work.


  5. Open an OS/2 window and, at the command prompt, type the following command:

    cfgfilt -u -i

    This activates the filter support code. It also switches the firewall on, by automatically issuing the inetcfg -s firewall 1 command.

    To find out more about cfgfilt go here
    To find out more about inetcfg go here

blustar image Basic configuration is now complete.
The firewall should be up and running and blocking all traffic.



Now go to Filter Rule Definition