Graphical Firewall Clients for Linux Desktops

The Linux kernel has a built-in firewall called IPTables. Therefore, regardless of your (Linux) distro of choice, the firewall in use will always be the same. But while some distros ship with a gui client to configure and manage the firewall, others do not. Fedora, Mandriva, Parsix, and Sabayon, are example of Linux distros that install a graphical firewall client by default.

Some distros ship with command line firewall scripts (ufw is a popular one) for configuring and managing the Linux firewall, but we don’t expect everybody to be comfortable using shell scripts, especially when there are very good graphical clients that simplify the task of configuring and managing iptables. There are many (gui) clients to choose from, some better than others. For this article, we are going to look at the five of the better designed graphical firewall solutions.

Here they are in alphabetical order:

  • Guarddog: A nice gui client for novice to intermediate users. All the documentation you need is available in the Guarddog Handbook. To install this client, use your distros package manager to search for the string guarddog. Once installed, it will likely be placed under “Internet” in the menu tree.

  • ebox-firewall: This is a recent addition to this group of open source applications, and it is a component of the ebox platform. Management is via a browser-based interface. To install, use your distros package manager to search for the string “ebox-firewall”. Once installed, point your browser to “https://localhost/ebox”. The docs are available here.
  • Firestarter: A GTK program for managing and monitoring iptables. Distros that ship with a graphical firewall client pre-installed typically use Firestarter. This is the firewall client installed in Linpus, and it is fairly easy to use. The default configuration should be sufficient for most users, but if you want to create custom rules, it’s all point and click. If stumped, the Firestarter doc is your best friend.
  • KMyFirewall: This a KDE firewall client with very good configuration options. You’ll find it installed by default in Sabayon. Like Firestarter, the out-of-the-box configurations should be enough, but if you know what you are doing, creating custom rules (rulesets) is easy.
  • nuapplet: This is the cleint interface to Nufw, a very powerful authenticating firewall. Where other firewall solutions manage traffic by IP addresses, Nufw gives you the capability to affect traffic also by user id. Installing this requires the installation of the server, “nufw”, and the client, “nuapplet”. Once installed, you will find an entry for “nuapplet” under “Internet” in the menu tree. Documentation is available here

There are a few more, but these are the best ones for most users. Of the five listed above, Nufw, and ebox-firewall are, for the average desktop user, overkill. To install ebox-firewall, for example, requires the installation of postgresql, apache 2, and a few other applications and several libraries. For the vast majority of users, we recommend any one of Guarddog, KMyFirewall, or Firestarter (assuming that your distro does not have a firewall client installed), but if you want to take a walk on the geek side, feel free to try nuapplet (Nufw) or ebox-firewall.

As a unit, a Linux distro is more secure – out of the box – than any Microsoft Windows operating system (this is one of the reasons why we encourage Windows users to switch to Linux). However, securing your distro goes beyond configuring a firewall. There are other aspects to running a secure desktop, but those will be addressed in another post.

Related Posts

Manual disk partitioning guide for Linux Mint Debian Edition Linux Mint Debian Edition, or LMDE, is the edition of Linux Mint based on Debian Testing. The latest release was made available for download on Decemb...
How to keep your Boot EFI partition clean of old Linux bootloader folders This tutorial shows how to delete bootloader folders of Linux distributions that you have deleted from a dual-boot system. Imagine for a moment tha...
Dual-boot Linux Deepin 12.06 and Windows 7 on a computer with 2 hard drives Linux Deepin is a Linux distribution based on Ubuntu Desktop. Like Pear Linux, it ships with a custom GNOME 3 interface that is more user-friendly tha...
How to enable btrfs on Fedora 14 Like Fedora 13, Fedora 14, the latest version of Fedora, has support for btrfs. However, it is not enabled out of the box, that is, it is not availabl...
How to customize Linux Deepin 12.12 Summary: How to customize Linux Deepin 12.12 offers a few steps you can take to make a default installation of Linux Deepin 12.12 a little bit more us...
Managing startup applications on Deepin 2014 Since Deepin 2014 was released, I've been trying to figure how how to add and remove applications from the startup applications manager. Turns out tha...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*