Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Most Distros have their own FW's available and active on them. For instance, Fedora uses the SELinux FW, Suse uses the AppArmour FW. Check with your distros package management site.
You just need to learn how to use them.
If you are thinking of using something like Smoothewall, read the HOW-TOs on the Smoothewall home page.Also go read the several sites on the Internet on IPtables and how they work.
Alternatively, what I do is this; I have my PC's attached to a routered network and use the default firewalls inherent to the OS. The Router acts like a hardware Firewall, and then all SElinux needs to do is monitor LAN cross traffic.
This method is the simplest.
If you are still Gung-Ho at using a 3rd party FW for your LAN ... then Smooth Wall goes on a PC separate from the one you logged onto this Forum with.
graphically its like this::
internet --> modem --> Gateway [Firewall} PC --> LAN Switch or Hub [ switch is better]--> LAN PC's
or Using a router , like this ::
Internet--> modem --> Router --> LAN PC's
So a router is much simpler
And routers are not that expensive
But if you are persistent on learning IPchains method , read the HowTo's on the net ... and read the Smoothewall site info and go from there .
The default "firewall" built into Linux is called Iptables. It is a front end for netfilter which is built into the Linux kernel itself. Iptables is a program that can be a little difficult to setup, as the syntax is a little bit strange until you get used to it, but not so much that you should shy away from it. Once you do get used to it, writing scripts for iptables becomes somewhat of an art. There are also GUI applications to assist with the setup, like UFCW and Firestarter, though this will depend on your distribution.
As far as for blocking websites, I assume you mean that you want to prevent others from being able to access certain sites. In this case, you would want to use a proxy, such as Squid. Squid may also provide bandwidth monitoring.
One application that I like to use to monitor network activity is Iftop. On the surface, it looks like a simple program, much like Top, but has a lot of capability.
I don't really consider AppArmor and SELinux to be "firewalls". In my opinion, those are more of a system hardening application where it enforces access rights as an extension to the standard Linux permissions system.
I want configure open source firewall on my office for websites blocking and bandwidth monitoring.
Can any please tell me which is the beast free open source firewall........
Regards
Thirupathi
Yes as said above. IPTables is your standard linux network firewall these days. Your distro probably comes with a graphical utility to make firewall rules.
So to block access to a certain website a rule such as:
You might consider using a proxy, as suggested, but use a white list instead of a black list. Allow traffic only to locations that employees need to use for their job.
Most Distros have their own FW's available and active on them. For instance, Fedora uses the SELinux FW, Suse uses the AppArmour FW. Check with your distros package management site.
You just need to learn how to use them.
Selinux is not a firewall. It is an extended Access Control program for Linux.
Apparmor is not a firewall. It is an application security module for Linux.
One application that I like to use to monitor network activity is Iftop. On the surface, it looks like a simple program, much like Top, but has a lot of capability.
I would like to say a few words about 2 other tools:
- netwatch
- iptraf
I use both and I like them. Hope my modest advice could be helpful to somebody. :-)
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
