Many linux distros installs a firewall by default. Mainly IPTABLES.
If you're looking for a Grafical Interface to easy configure your firewall rules in IPTABLES, then those are the main 3 choices:
1- Lokkit (terminal & gnome)
2- Firestarter
3- Guarddog (kde)
4- $ iptables
5- conclusions
--------
1- Lokkit (Terminal & GNOME)
The easiest one.
A wizard will guide you through few questions and will reconfigure IPTables for you.
Lokkit has a console and a gnome version:
The point is that, in case you need more control over the rules, this is not for you!
Here is an explanation guide
Note for Ubuntu users: use Synaptic to install it, then go to
Menu -> applications -> Other -> Lokkit
--------
2- Firestarter
A nice one.
It provides a GUI for configuring rules and settings on IPTables.
Certainly more configurable than Lokkit, and allows to set up 95% of the rules for a normal use needs.
- has a log window of "active connection" and "Real time Events" allowing to quickly check what's goin on;
- add a very useful tryicon to open it in a click;
- both inbound and outbound access policy;
- Support for Denial of Service (DoS) attacks;
- stealth ports;
- whitelists and blacklists
- ...
Here the complete feauture list.
--------
3- Guarddog (KDE)
More professional...
If you are looking for something a bit more professional, then go for Guarddog (which is a KDE Gui).
Guarddog goes a bit deeper respect to Firestarter.
The 2 main differenced are
- Guardog doen't have a realtime event viewer (obviously you still can keep realtime infos "tailing" the logs in a terminal window);
- Guardog has more config options (Eg: NAT rules, connection tracking ...);
- for KDE 2 or 3;
- generates scripts for ipchains and/or iptables;
- can create different zones with different policies;
- Import/Export firewall scripts;
- ipchain and iptables support;
- ...
Here the main feautures list
Here a well documented tutorial
--------
4- $ iptables
If you still prefer to do it by yourself, here you can find a nice HOWTO for strarting to learn the IPTABLES commands
--------
Conclusion
Lokkit
if you dont know or don't care too much about the firewall rules, and just want to add a firewall protection to you desktop.
Firestarter
if u want a full control of your firewall, and want to know in realtime what's going in/out and what's been blocked.
Guarddog
if you want a GUI that does almost the same as the $iptables command line, but don't wonna get crazy spending time to write 1 by 1 every single rule with $iptable on a console ... Guarddog will do it for you.
$ iptables
The old way. it controls everything.
But you still have to write everything by hands.
NNN
2 comments:
You did not mention Firewall Builder - http://www.fwbuilder.org. It is lot more flexible than other GUIs and is better suited for complex firewall configurations.
you can also try a SAAS solution for managing iptables -> https://www.efw.io/Forum it can do AWS cloud integration if needed.
Post a Comment