Hello community
Before continuing, it is necessary to understand the following concepts:
First, on Linux systems the firewall functions are provided by a framework called Netfilter. Netfilter is an important part of the Linux kernel: it gives the operating system the ability to route packets between different networks and to block packets destined for sensitive network segments. This is what allows Linux to have its own firewall.
To interact with Netfilter you use the iptables or nftables utilities, which let you create sets of rules from the command line and so define traffic filtering policies for any network or desktop computer. This is how a firewall is configured in Linux, whether on a workstation or on a server.
Since in our case we are not working as system administrators configuring network services, there is no need to complicate things with the iptables or nftables command line. There are tools that allow you to configure the Linux firewall through a graphical interface.
The tools that offer a graphical interface to manage the Linux firewall in a simple way for the user are:
- UFW (Uncomplicated Firewall) tool and its graphical interface Gufw (GUIs for Uncomplicated Firewall).
- The Firewalld tool and its graphical interface firewall-config.
UFW, or Uncomplicated Firewall, is a management interface that hides the complexity of working with iptables and nftables on the command line to configure the firewall in Linux. Next, I am going to talk about Firewalld, which is the one I have used the most on both Debian and Ubuntu distributions.
So, what is Firewalld? It is a firewall management tool for Linux, available for many distributions, that works as a front-end to the Linux packet filtering system and offers both a command line interface (CLI) and a graphical user interface (GUI).
The main thing to understand in the tool is firewall zones; everything is organized around them. With Firewalld, instead of working with individual rules, you manage groups of rules using zones. This makes it easier to use, as it allows the user to create and manage rules in a single zone instead of having to configure them individually. The zone in use determines which group of rules is active, and therefore which traffic is allowed, according to the level of trust in the network. Zones are assigned to network interfaces to indicate how the firewall should behave depending on how that connection will be used. When a connection is not assigned a specific zone, the tool applies the default zone (public).
Below is a screenshot showing the connection that is enabled with its assigned (public) zone.
This tool uses the concept of predefined zones. This is a great advantage, since the zone is selected according to how the firewall is going to be used. For personal computers such as laptops, this flexibility provides an easy way to change the firewall rules depending on the user's environment. For example, if we were on a public Wi-Fi network in a coffee shop or airport, we could use the drop or public zone, which restrict all incoming network traffic.
The predefined firewalld zones are as follows:
In the Services tab you can see the services that are trusted in the selected zone and that are accessible from all computers and networks. I do not have any services selected, so the firewall does not allow any incoming traffic. Basically, services in the firewall are predefined rules that cover all the settings needed to allow incoming traffic for a specific service, such as a web server, and they are applied within the selected zone.
Below, in the following image, you can see the services in Firewalld:
The way to install Firewalld on Ubuntu 22.04 is as follows:
The Ubuntu 22.04 distribution has the UFW tool installed by default.
1- As a good practice, we first verify that the service is not enabled, using the command service ufw status. If it is enabled, we disable it with the command service ufw stop.
In the following screenshot you can see the commands:
2- Then we run the command apt-get install firewalld to install the tool.
You can see it in the following screenshot:
3- Next, we install the graphical interface of Firewalld with the command apt-get install firewall-config.
It can be seen in the screenshot below:
4- Finally, we look for the tool by typing firewall.
5- When we run the tool, it asks for a password to obtain administrative privileges, and with that we have our firewall.
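Once the tool is installed, the zone and services described earlier can also be checked from the command line. The script below is an added example, not part of the original post: it parses the output of firewall-cmd --list-all and lists every service or port the zone accepts that is not on an allowlist. The function names, the interface enp0s3, the port 8080/tcp and the sample output are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): audit what a firewalld zone accepts.

# Reads `firewall-cmd --list-all` output on stdin and prints, one per line, every
# enabled service or open port that is missing from the allowlist given in $1.
zone_exposure() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "services:" || $1 == "ports:" {
            kind = substr($1, 1, length($1) - 2)   # "service" or "port"
            for (i = 2; i <= NF; i++) if (!($i in ok)) print kind ":" $i
        }'
}

# Prints "<zone> <interfaces>" for the zone described on stdin.
zone_summary() {
    awk 'NR == 1 { zone = $1 }
         $1 == "interfaces:" { $1 = ""; sub(/^ /, ""); ifaces = $0 }
         END { print zone, ifaces }'
}

# Constructed sample in the layout `firewall-cmd --list-all` prints; the interface
# name, services and port are made up for the demonstration.
sample_list_all() {
    cat <<'EOF'
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3
  sources:
  services: dhcpv6-client ssh
  ports: 8080/tcp
  protocols:
  forward: yes
  masquerade: no
  rich rules:
EOF
}

# Demo on the sample; the laptop in this scenario should only accept DHCPv6 replies.
sample_list_all | zone_summary                     # public enp0s3
sample_list_all | zone_exposure "dhcpv6-client"    # service:ssh, then port:8080/tcp

# On a live host (as root):  firewall-cmd --list-all | zone_exposure "dhcpv6-client"
# To close a finding:        firewall-cmd --zone=public --remove-service=ssh --permanent
#                            firewall-cmd --reload
```

An empty result from zone_exposure means the zone accepts nothing beyond the allowlist.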
That is all for this post; I hope it has been useful. There are more concepts related to the tool that are not covered here, but these are the basics.
On the project site you can learn more about it.
Link: https://firewalld.org/
Post manually reviewed. 😊
Thank you 👍
Yay! 🤗
Your content has been boosted with Ecency Points, by @jordy0827.
Thank you @jordy0827 and @ecency
Congratulations @rainerlester8308! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s).
Your next target is to reach 1500 upvotes.
Congratulations!
✅ Good job. Your post has been appreciated and has received support from CHESS BROTHERS ♔ 💪
Kindly
The CHESS BROTHERS team
Thank you very much for your support 🙏
Thank you for the support