
Which Linux based firewall would you recommend

Good day dear friends,

Which Linux-based firewall would you recommend to me?
Does Linux have a firewall on board - in other words: does it ship with a firewall that still needs to be completed and configured for one's own needs?

I have been using Linux for some time but I am not familiar with the details of firewalls.

So I am looking forward to your thoughts.

Cheers
 
Sorry, missed this topic. The answer is it depends on your distribution. Most will have a firewall of some type. For the longest time, most used "iptables", but "firewalld" seems to have replaced that in many, especially the ones that were mirroring what Red Hat was doing. These are mainly just for basic security (it is very possible to use them for some very complex behavior, but the out of the box behavior depends on the distribution).
 
The actual "firewall rules" are in the Linux kernel. The kernel has had "netfilter" a long time. The "iptables" was a low level tool to interact with the netfilter. (Before iptables there was "ipchains".) Since 3.13 the kernel has also had "nf_tables" that supersedes-or-something the netfilter. The low level tool is "nft" (and there is a version of "iptables" that is a wrapper/translator to nft).

The low level is not very "humane", so many distros have a "front-end" that talks to the kernel directly or with the low level tools. Examples are FirewallD and UFW. They present the user a more "logical" config that they translate to kernel rules. Some distros (e.g. embedded in home routers) may have just a (browser-based) GUI interface, where they offer a rather minimal set of logical options.

As said, the default ruleset depends on the distro. The "own needs" do most likely need some action (unless you are more "typical" than you expect).
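
As an added example (not part of any post in this thread), a read-only shell script that reports which of the layers described above a given system uses: whether the `iptables` command is the nft wrapper or the legacy tool, how many nft tables are visible, and which firewall service is running. The systemd unit names checked are the common ones and are an assumption; a distribution may name them differently.

```shell
#!/bin/sh
# Added example: report which layers of the Linux firewall stack are present.
# Read-only. Listing nft tables normally requires root.

# Classify the first line of `iptables --version`. Version 1.8+ prints
# "(nf_tables)" or "(legacy)"; older builds print no suffix and are legacy.
iptables_backend() {
    case "$1" in
        *"(nf_tables)"*) echo "nf_tables" ;;
        *"(legacy)"*)    echo "legacy" ;;
        "iptables v"*)   echo "legacy" ;;
        *)               echo "unknown" ;;
    esac
}

# From "unit=state" words (state as printed by `systemctl is-active`),
# print the units that are running, space separated.
active_units() {
    out=""
    for pair in "$@"; do
        if [ "${pair#*=}" = "active" ]; then
            out="${out:+$out }${pair%%=*}"
        fi
    done
    echo "$out"
}

report() {
    if command -v iptables >/dev/null 2>&1; then
        ver=$(iptables --version 2>/dev/null | head -n 1)
        echo "iptables command: $(iptables_backend "$ver") backend"
    else
        echo "iptables command: not installed"
    fi
    if command -v nft >/dev/null 2>&1; then
        count=$(nft list ruleset 2>/dev/null | grep -c '^table ' || true)
        echo "nft tables visible: $count"
    fi
    if command -v systemctl >/dev/null 2>&1; then
        set --
        # Assumed unit names; a distro may name them differently.
        for unit in firewalld ufw nftables iptables; do
            state=$(systemctl is-active "$unit" 2>/dev/null || true)
            set -- "$@" "$unit=$state"
        done
        echo "active firewall services: $(active_units "$@")"
    fi
}

report
```

An empty "active firewall services" line together with zero visible nft tables (when run as root) suggests that no packet filter rules are loaded at all.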
 
Hello dear @mv2devnull and @Fallen Kell,

Thanks, dear mv2devnull.

The actual "firewall rules" are in the Linux kernel. The kernel has had "netfilter" a long time. The "iptables" was a low level tool to interact with the netfilter. (Before iptables there was "ipchains".) Since 3.13 the kernel has also had "nf_tables" that supersedes-or-something the netfilter. The low level tool is "nft" (and there is a version of "iptables" that is a wrapper/translator to nft).

Thank you. I am not too familiar with the firewall rules, but this helps a lot.
I will have to dig deeper into the "iptables" things.

Surely there are some good readings out there which I can use.

The low level is not very "humane", so many distros have a "front-end" that talks to the kernel directly or with the low level tools. Examples are FirewallD and UFW. They present the user a more "logical" config that they translate to kernel rules. Some distros (e.g. embedded in home routers) may have just a (browser-based) GUI interface, where they offer a rather minimal set of logical options.

You mention differences between the distros.

That's very helpful. Well, btw: I am on EndeavourOS - perhaps I will find some hints and declarations there on the firewall topic.

Thank you so much for the sharing of your ideas and experience.

awesome: BTW this forum is a really great place 🙂
 
Firewalld is the default in EndeavourOS. If the command line is too difficult (firewalls are a little tricky if this is the first time you are trying to manage one), there are some GUIs out there that you can install. But really command line is the way to go with firewalld.
 