Tutorials/Tips

Graphical Firewall Clients for Linux Desktops

The Linux kernel has a built-in firewall called IPTables. Therefore, regardless of your (Linux) distro of choice, the firewall in use will always be the same. But while some distros ship with a gui client to configure and manage the firewall, others do not. Fedora, Mandriva, Parsix, and Sabayon, are example of Linux distros that install a graphical firewall client by default.

Some distros ship with command line firewall scripts (ufw is a popular one) for configuring and managing the Linux firewall, but we don’t expect everybody to be comfortable using shell scripts, especially when there are very good graphical clients that simplify the task of configuring and managing iptables. There are many (gui) clients to choose from, some better than others. For this article, we are going to look at the five of the better designed graphical firewall solutions.

Here they are in alphabetical order:

  • Guarddog: A nice gui client for novice to intermediate users. All the documentation you need is available in the Guarddog Handbook. To install this client, use your distros package manager to search for the string guarddog. Once installed, it will likely be placed under “Internet” in the menu tree.

  • ebox-firewall: This is a recent addition to this group of open source applications, and it is a component of the ebox platform. Management is via a browser-based interface. To install, use your distros package manager to search for the string “ebox-firewall”. Once installed, point your browser to “https://localhost/ebox”. The docs are available here.
  • Firestarter: A GTK program for managing and monitoring iptables. Distros that ship with a graphical firewall client pre-installed typically use Firestarter. This is the firewall client installed in Linpus, and it is fairly easy to use. The default configuration should be sufficient for most users, but if you want to create custom rules, it’s all point and click. If stumped, the Firestarter doc is your best friend.
  • KMyFirewall: This a KDE firewall client with very good configuration options. You’ll find it installed by default in Sabayon. Like Firestarter, the out-of-the-box configurations should be enough, but if you know what you are doing, creating custom rules (rulesets) is easy.
  • nuapplet: This is the cleint interface to Nufw, a very powerful authenticating firewall. Where other firewall solutions manage traffic by IP addresses, Nufw gives you the capability to affect traffic also by user id. Installing this requires the installation of the server, “nufw”, and the client, “nuapplet”. Once installed, you will find an entry for “nuapplet” under “Internet” in the menu tree. Documentation is available here

There are a few more, but these are the best ones for most users. Of the five listed above, Nufw, and ebox-firewall are, for the average desktop user, overkill. To install ebox-firewall, for example, requires the installation of postgresql, apache 2, and a few other applications and several libraries. For the vast majority of users, we recommend any one of Guarddog, KMyFirewall, or Firestarter (assuming that your distro does not have a firewall client installed), but if you want to take a walk on the geek side, feel free to try nuapplet (Nufw) or ebox-firewall.

As a unit, a Linux distro is more secure – out of the box – than any Microsoft Windows operating system (this is one of the reasons why we encourage Windows users to switch to Linux). However, securing your distro goes beyond configuring a firewall. There are other aspects to running a secure desktop, but those will be addressed in another post.

Related Posts

Dual-boot Ubuntu 14.04 and Windows 7 on a PC with UEFI firmware This post shows how to dual-boot Ubuntu 14.04 and Windows 7 on a computer with UEFI firmware. Note that the computer I used for the tutorial is not an...
6 things to do after installing OpenMandriva Lx 2013.0 OpenMandriva Lx 2013.0 is the first stable release of OpenMandriva, a Linux desktop distribution that is a community-continuation of what used to be M...
How to customize Pear Linux 6 Pear Linux 6, code-named Bartlett, is the latest release of Pear Linux, or Pear OS, a desktop distribution based on Ubuntu Desktop. Unlike its parent ...
GRUB-Install errors while attempting to dual-boot Windows 10 and Linux distributions Since Windows 10 was released, I've made several attempts to set up dual-boot systems between it and a few Linux distributions (Fedora 22, Ubuntu 15.0...
Managing startup applications in GNOME 3 If you wanted to set up an application or applications in GNOME 3 to launch on boot, you'll probably go looking for a module in the desktop's System S...
How to install Ubuntu on a btrfs file system Ubuntu 10.10 beta is the latest Linux distribution release to have support for the btrfs file system. Btrfs (B-tree File System) is a copy-on-write fi...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


Leave a Comment

Your email address will not be published. Required fields are marked *

*