Frequently Asked Questions (FAQ)
Q: My /var/log/messages (or other log) is flooded with firewall messages. Can i make sure the firewall logs go into their own logfile like /var/log/firewall?
A: Yes, this can be done. Please look at the detailed instructions in the Logging section of the Vuurmuur Manual.
Q: I installed from source or Autopackage and Vuurmuur doesn't start on boot. Whats wrong?
A: Different Linux distributions handle the bootprocess in different ways. Therefore it is very hard to setup Vuurmuur to start on boot from the installer/autopackage. So you will have to do this manually. An example initscript is provided in /usr/share/vuurmuur/scripts/. Edit the script to reflect the path you installed Vuurmuur and then copy it to /etc/init.d/vuurmuur. Then you have register it to the bootprocess. Redhat/Fedora uses chkconfig, Debian update-rc.d and Gentoo rc-update... check the manual of your distro for details on how to register it.
Q: On my system the console is flooded with log messages. How can i fix this?
A: See this link: http://lists.samba.org/archive/linux/2002-January/001726.html
For debian (unstable) systems, you can just edit /etc/sysctl.conf and uncomment the line
#kernel.printk = 4 4 1 7
and then reload the new value by using the
sysctl -p command.
Q: Vuurmuur fails to start up with message: Error: checking for iptables-capabilities failed. Please see error.log.
First, make sure you have proper iptables support in you kernel or modules. This means conntrack and iptables support. If you are sure that you have, there is a setting to try. In vuurmuur_conf, go to 'Vuurmuur Config -> Modules'. There, set the 'waittime after loading a module' to 10. Then retry starting Vuurmuur.
Q: Before upgrading Vuurmuur, do i need to uninstall the old version first?
A: Before upgrading Vuurmuur to a new version you don't need to uninstall Vuurmuur first, as long as you keep the installation paths the same. If you use the --defaults option, you are ok.
Q: When i install from source, i get the following errror: "checking dependency style of gcc... gcc configure: error: cannot run /bin/sh ./config.sub make: * [configure-stamp] Error 1"
A: Make sure that you have libtool installed, and try again.
Q: How do i remove the Vuurmuur Autopackage from my system?
A: Run (as root) the following command: 'package remove Vuurmuur'. This will uninstall Vuurmuur but it leaves your configuration on the system. This will have to removed manually.
Q: NFS mounts are hung when the system boots, how do I fix this?
A: Make sure your
netfs service starts after
vuurmuur. For example, on RedHat/CentOS you can do this by renaming the startup script
/etc/rc3.d/S92netfs. Since these scripts are loaded alphabetically, renaming it should place it after the