12 Jan 2008

IPTables GUI - Lokkit, Firestarter, Guarddog

Lokkit Vs Firestarter Vs Guarddog

Many linux distros installs a firewall by default. Mainly IPTABLES.

If you're looking for a Grafical Interface to easy configure your firewall rules in IPTABLES, then those are the main 3 choices:

1- Lokkit (terminal & gnome)
2- Firestarter
3- Guarddog (kde)

4- $ iptables
5- conclusions


1- Lokkit (Terminal & GNOME)

The easiest one.
A wizard will guide you through few questions and will reconfigure IPTables for you.
Lokkit has a console and a gnome version:

The point is that, in case you need more control over the rules, this is not for you!

Here is an explanation guide

Note for Ubuntu users
: use Synaptic to install it, then go to
Menu -> applications -> Other -> Lokkit


2- Firestarter

A nice one.
It provides a GUI for configuring rules and settings on IPTables.
Certainly more configurable than Lokkit, and allows to set up 95% of the rules for a normal use needs.

  • has a log window of "active connection" and "Real time Events" allowing to quickly check what's goin on;
  • add a very useful tryicon to open it in a click;
  • both inbound and outbound access policy;
  • Support for Denial of Service (DoS) attacks;
  • stealth ports;
  • whitelists and blacklists
  • ...
Here the main site.
Here the complete feauture list.


3- Guarddog (KDE)

More professional...

If you are looking for something a bit more professional, then go for Guarddog (which is a KDE Gui).
Guarddog goes a bit deeper respect to Firestarter.
The 2 main differenced are
  1. Guardog doen't have a realtime event viewer (obviously you still can keep realtime infos "tailing" the logs in a terminal window);
  2. Guardog has more config options (Eg: NAT rules, connection tracking ...);

  • for KDE 2 or 3;
  • generates scripts for ipchains and/or iptables;
  • can create different zones with different policies;
  • Import/Export firewall scripts;
  • ipchain and iptables support;
  • ...
Here the homepage
Here the main feautures list
Here a well documented tutorial


4- $ iptables

If you still prefer to do it by yourself, here you can find a nice HOWTO for strarting to learn the IPTABLES commands




if you dont know or don't care too much about the firewall rules, and just want to add a firewall protection to you desktop.


if u want a full control of your firewall, and want to know in realtime what's going in/out and what's been blocked.


if you want a GUI that does almost the same as the $iptables command line, but don't wonna get crazy spending time to write 1 by 1 every single rule with $iptable on a console ... Guarddog will do it for you.

$ iptables

The old way. it controls everything.
But you still have to write everything by hands.



vkurland said...

You did not mention Firewall Builder - http://www.fwbuilder.org. It is lot more flexible than other GUIs and is better suited for complex firewall configurations.

Paul Marinas said...

you can also try a SAAS solution for managing iptables -> https://www.efw.io/Forum it can do AWS cloud integration if needed.