Firewalls on Linux

If you use Linux, you should consider a firewall. The time that malware and trojans did not exist for Linux has long passed.

Times have changed, Linux is now a target for criminals. This could be for different reasons, like stealing your bitcoins (if you use a software wallet). What can you do?

You can scan your system with programs like Lynis. But that may not be enough..

What are your options speaking in terms of firewalls?

Firewall apps (Port level)

Luckily you are not limited by choices here. There are many firewall apps and even complete firewall distributions.

The popular ones are:

• iptables (howto)
• UFW – Uncomplicated Firewall (tutorial)

Both of these need command line configuration. UFW can also be configured with a graphical program named gufw, but I find this harder and more confusing than the terminal.

But, there are many others, here's a list if you want to check them out:

• ipcop
• Vuurmuur
• shorewall
• pfsense
• Untangle NG Firewall (distro)
• IPFire
• Smoothwall Express
• VyOS

Application level firewall

Most of these do packet filtering based on network port. If you want to do application level blocking, you can use OpenSnitch

Yes, this lets you block network access per app. There used to be a firewall named 'Douane firewall' which did the same, but I can't find it anymore.

Related links:

• Ubuntu's uncomplicated firewall howto
• Iptables Linux firewall howto
• Course: Secure your Linux server