Graphical Firewall Clients for Linux Desktops

The Linux kernel has a built-in firewall called IPTables. Therefore, regardless of your (Linux) distro of choice, the firewall in use will always be the same. But while some distros ship with a gui client to configure and manage the firewall, others do not. Fedora, Mandriva, Parsix, and Sabayon, are example of Linux distros that install a graphical firewall client by default.

Some distros ship with command line firewall scripts (ufw is a popular one) for configuring and managing the Linux firewall, but we don’t expect everybody to be comfortable using shell scripts, especially when there are very good graphical clients that simplify the task of configuring and managing iptables. There are many (gui) clients to choose from, some better than others. For this article, we are going to look at the five of the better designed graphical firewall solutions.

Here they are in alphabetical order:

  • Guarddog: A nice gui client for novice to intermediate users. All the documentation you need is available in the Guarddog Handbook. To install this client, use your distros package manager to search for the string guarddog. Once installed, it will likely be placed under “Internet” in the menu tree.

  • ebox-firewall: This is a recent addition to this group of open source applications, and it is a component of the ebox platform. Management is via a browser-based interface. To install, use your distros package manager to search for the string “ebox-firewall”. Once installed, point your browser to “https://localhost/ebox”. The docs are available here.
  • Firestarter: A GTK program for managing and monitoring iptables. Distros that ship with a graphical firewall client pre-installed typically use Firestarter. This is the firewall client installed in Linpus, and it is fairly easy to use. The default configuration should be sufficient for most users, but if you want to create custom rules, it’s all point and click. If stumped, the Firestarter doc is your best friend.
  • KMyFirewall: This a KDE firewall client with very good configuration options. You’ll find it installed by default in Sabayon. Like Firestarter, the out-of-the-box configurations should be enough, but if you know what you are doing, creating custom rules (rulesets) is easy.
  • nuapplet: This is the cleint interface to Nufw, a very powerful authenticating firewall. Where other firewall solutions manage traffic by IP addresses, Nufw gives you the capability to affect traffic also by user id. Installing this requires the installation of the server, “nufw”, and the client, “nuapplet”. Once installed, you will find an entry for “nuapplet” under “Internet” in the menu tree. Documentation is available here

There are a few more, but these are the best ones for most users. Of the five listed above, Nufw, and ebox-firewall are, for the average desktop user, overkill. To install ebox-firewall, for example, requires the installation of postgresql, apache 2, and a few other applications and several libraries. For the vast majority of users, we recommend any one of Guarddog, KMyFirewall, or Firestarter (assuming that your distro does not have a firewall client installed), but if you want to take a walk on the geek side, feel free to try nuapplet (Nufw) or ebox-firewall.

As a unit, a Linux distro is more secure – out of the box – than any Microsoft Windows operating system (this is one of the reasons why we encourage Windows users to switch to Linux). However, securing your distro goes beyond configuring a firewall. There are other aspects to running a secure desktop, but those will be addressed in another post.

Related Posts

Upgrading OSSEC 2.7 to 2.8 and the bro-ids rule issue 'Tis the season for upgrading. This hour, the target is OSSEC. Next will be a Cloud server running Ubuntu 12.04 LTS, which will be upgraded to Ubun...
Install NTP, openSSH-server, and Java JRE on Ubuntu 9.10 So you are now using Ubuntu 9.10, the latest version of the Linux operating by Canonical Ltd. I'm sure you like it. Life is good with Ubuntu! It reall...
Dual-boot Windows 8 and Linux Mint 17 on a PC with 2 disks and UEFI firmware This tutorial shows how to dual-boot Linux Mint 17 and Windows 8 on a computer with two hard drives and UEFI firmware. For a guide on how to perform t...
Install a graphical firewall client on Ubuntu 9.10 Although Ubuntu 9.10 (aka Karmic Koala) ships with a command line firewall script - ufw (Uncomplicated FireWall) - for configuring IPTables (netfilter...
Manual disk partitioning guide for Linux Mint Debian The latest ISO installation images for Linux Mint Debian, the line of Linux Mint based on Debian, were made available for download a few days ago. Whi...
Homerun: Quite possibly the best app launcher for your desktop Fullscreen application menus or launchers (or whatever else you what to call them) are modern replacements for the traditional or classic application ...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).


Leave a Comment

Your email address will not be published. Required fields are marked *

*