I've actualy been playing with this recently. Using firestarer should not be a problem because it is just a front-end for IPTables. If you look in
/var/ossec/active-response you should see a log file there that details when it add/removes it's entries.. you can also test it out by issuing bin/firewall-drop.sh add null a second machines ip address and if all goes well that IP address should have zero connection to your server. So anyways as long as you have Iptables installed and running on your machine and you said "yes" to active-response when you installed ossec it should be doing its job (which you can verify from the log file).
I'm actualy constructing an in-depth howto on a computer secure server setup because I have found that Ubuntu is a very insecure server by default (for example the version of apache in the repos is outdated and the particular version is suseptibal to several exploits, as with the version of openssl.. (which you can verity by running nikto on your apache server)