How to install and configure a graphical firewall client on Comice OS 4

Protecting your computer from network and physical attacks should be at the very top of your computing to-do list. And if you are new to Pear Linux Comice OS 4, a Linux distribution derived from Ubuntu Desktop, the network security aspect has been made a little bit easier for you.

And that is because on a new installation of Comice OS 4, which was recently reviewed here (see Pear Linux Comice OS 4 review), the firewall is enabled out of the box. Because of the default firewall rules, your computer is protected, even if you do not do anything else. Though your computer might be sitting behind a cable modem, fiber optic or DSL router with a firewall enabled, that does not negate the need for running a firewall on your computer. A good case for why this is highly recommended has been made in a previous article. See Why your computer needs a firewall enabled.

By the way, the firewall application is called ufw, the Uncomplicated FireWall. It is a command line frontend to IPTables, the original script for managing the Linux firewall. ufw was borne out of a need for a simple, easy-to-use alternative to IPTables. That is a very short history of ufw.

While it is easy to use, it is still a command line tool. For those not comfortable on the command line, there is a graphical interface for ufw. It is called Gufw. Installing it offers a more user-friendly interface for managing the firewall. This article show how to install and enable it.

You can install it from the command line or by using Pear Appstore, Comice OS’s graphical package manager. To install it from the command line, start a shell terminal, and type sudo apt-get install gufw. The screen shot below shows how it should be.
Comice OS 4 Install Gufw Firewall Terminal

From Pear Appstore, click on the Repository tab, and search for “gufw.” There should be just one result returned. Click on the Install button to download and install it.
Comice OS 4 Install Gufw Firewall

After installation has completed successfully, click the Start button to launch it.
Comice OS 4 Start Gufw Firewall

This is what Gufw looks like when it has not been enabled. To enabled it, click on the key button to unlock it. You will be required to authenticate.
Comice OS 4 Unlock Gufw Firewall

After it has been unlocked, click on the Status switch to enable it. And that is all you need to do. As stated earlier, unless you want to run a service that can be remotely accessed from other computers, you do not need to do anything else. The default rule, which allows all outgoing connections, while denying all incoming connections that have no related entry in the State table, keeps your computer protected.
Comice OS 4 Enable Gufw Firewall

A good way to keep an eye on what service is running on your computer, is to install an application called nmap, the Network Mapper. From the command line, type sudo apt-get install nmap to install it. You may also use Pear Appstore. Just search for “nmap.” After installation, type nmap localhost. The output will show a list of open ports on your computer. Make a note of the services listed. Run this command often just to make sure no service is running that you did not enable.

Related Posts

Manual LVM disk partitioning guide for Fedora 17 Anaconda, the Fedora system installation program, is one of the easiest and most feature-rich graphical installation programs available on any distrib...
Add cloud storage to with SMECloud Cloud computing is all the rage these days. But while the idea of using your browser to access your applications and documents sounds like a great ide...
How to install Oracle JRE on Fedora 20 and use alternatives to switch between it and OpenJ... All the Java components installed on Fedora (20) are provided by OpenJDK (Open Java Development Kit), a Free Software implementation of Java SE (Stand...
How to deploy OSSEC across a large network of systems from RPMs OSSEC is a Host-based Intrusion Detection System (HIDS). It is Free Software, made available under the GNU General Public License (version 2). It c...
How to dual-boot Linux Mint 17.2, Windows 10, Windows 8.1 on a PC with UEFI firmware This tutorial shows how to dual-boot Linux Mint 17.2 and either Windows 10 or Windows 8.1 on a single hard disk drive and on a computer with UEFI firm...
Apply the nuke patch to LUKS cryptsetup in Linux Mint 16 and Ubuntu 13.10 This short tutorial shows how to apply the Kali Linux nuke patch to LUKS cryptsetup in Linux Mint 16 and Ubuntu 13.10. From a physical security and...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


  1. Please rework the graphics and icons, they are poorly made and it looks cheap with that quality.

  2. Why isn’t the firewall app included by default instead?
    You have to go online without a firewall ON to get it?

  3. Pingback: Graphical firewall management on Comice « 0ddn1x: tricks with *nix

  4. Thanks for sharing this info.

Leave a Comment

Your email address will not be published. Required fields are marked *