How to set up a firewall in Ubuntu

Introduction

A firewall is a necessary piece of software on most operating systems. This is not true for Ubuntu, because the default install doesn't include any services that accept connections from the network. You can confirm this by running this command:
sudo netstat -plut
Services that accept connections from the network will include an asterisk symbol or an IP address in the field labeled "Local Address". Services that only accept connections from the local system will include the word "localhost".
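The rule above can be applied mechanically. The following shell function is an added example, not part of the original post: it labels each listening socket in "netstat -plut" output as NETWORK or LOCAL. The function names and the sample output are constructed for illustration, and the sample shows a machine on which SSH and VNC have already been installed.

```shell
#!/bin/sh
# Added example: classify listeners from `netstat -plut` output.
# NETWORK = bound to "*", "[::]" or a specific IP (reachable from other hosts)
# LOCAL   = bound to loopback only (localhost, 127.x.x.x, ::1)

classify_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        host = $4
        sub(/:[^:]*$/, "", host)            # drop the trailing :port
        if (host == "localhost" || host == "ip6-localhost" ||
            host == "ip6-loopback" || host == "::1" ||
            host == "[::1]" || host ~ /^127\./)
            scope = "LOCAL"
        else
            scope = "NETWORK"
        # UDP rows have no State column, so locate "PID/name" by pattern.
        # It stays "-" when netstat was run without root privileges.
        prog = "-"
        for (i = 6; i <= NF; i++)
            if ($i ~ /^[0-9]+\//) {
                prog = $i
                for (j = i + 1; j <= NF; j++) prog = prog " " $j
                break
            }
        printf "%s %s %s %s\n", scope, $1, $4, prog
    }'
}

# Constructed sample output (not captured from a real system).
sample_netstat_output() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost:ipp           *:*                     LISTEN      812/cupsd
tcp        0      0 *:ssh                   *:*                     LISTEN      1420/sshd
tcp        0      0 192.168.1.10:5900       *:*                     LISTEN      2011/vino-server
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      1420/sshd
udp        0      0 localhost:domain        *:*                                 950/dnsmasq
EOF
}

# Run against the sample; on a live system use:
#   sudo netstat -plut | classify_listeners
sample_netstat_output | classify_listeners
```

Every line marked NETWORK is a service that a firewall policy would need to cover.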

If you later decide to install a new service such as SSH or Remote Desktop (VNC), you will probably want to control who can access these services by installing a software firewall. Searching in Add/Remove Applications for "firewall" does not return any results. Searching in Synaptic Package Manager for "firewall" will provide you with 116 results. Obviously, these are not the best ways to find the right application.

Firestarter Firewall (basic)

I recommend using a site like Linux App Finder to learn about open source applications. On the Linux App Finder site you can search for "firewall" or you can use the menu system to select "Security -> Firewall". That will take you to this page, which displays some popular firewall applications, sorted by their rating. The top entry is Firestarter, which is the application I recommend to anyone who has basic firewall needs and prefers a simple interface.

You can install Firestarter using "System > Administration > Synaptic Package Manager". Once it is installed, you can access the application from "System > Administration > Firestarter". The first time you start the application, Firestarter will walk you through a basic configuration wizard that looks like this:



Once the wizard is completed, your firewall is up and running. By default, it will block all incoming connections. You will need to configure the firewall policy to allow access to your services. You can add simple rules like "Allow connections to VNC from Anywhere", or you can set up more granular rules like "Allow connections to VNC from a specific IP address". These configurations are done in the "Policy" tab.


There is a Status page that will show you if the firewall is active, the amount of activity on each interface, and what connections are currently being made.

One of the nice features of this firewall is the logging function that shows connections that have been blocked by the firewall.


Guarddog Firewall (intermediate)

People who want a few more options to work with (or who are running KDE) may want to choose another great firewall application called Guarddog. This application provides more options and configurations than Firestarter, but it is still simple to use.


Fwbuilder Firewall (advanced)

If you want to run a network firewall on Ubuntu, you probably need to implement complex firewall rules and advanced configurations. The best tool for this is called fwbuilder. I only recommend fwbuilder to people who have a good understanding of firewalls and networking. This tool has many advanced features including revision control, and the ability to deploy the firewall policy to a remote firewall.
