We’ve all been there: something is broken and you’ve gone through everything you can think of, checked all the configs, installed and reinstalled, googled and binged, and it just won’t work... and then it dawns on you... maybe it’s the firewall? Well of course it is, it (almost) always is! So in the (probably futile) hope of heading off future firewall blaming, here’s a collection of handy firewall tutorial guides for various platforms…
On pretty much every Linux box these days you will find iptables installed by default, but it’s not exactly user friendly when it comes to configuring. It is certainly worth learning the basics, though, before heading for the easy(ish) front-ends mentioned further down this page. So here are some general iptables guides for you to wrap your brain around:
From the CentOS wiki we have this very useful getting started guide.
If Ubuntu is more to your liking, they too have an excellent ‘how to’ guide for iptables.
If you still need more then you can find a load of useful iptables examples on nixCraft.
Besides vanilla iptables, there are a number of scripts/add-ons out there which provide a simpler interface and/or extend the functionality, or at the very least simplify the creation of much more advanced iptables configurations.
CSF – A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers.
CSF is popular with cPanel servers (and other web based server management panels) but certainly doesn’t require one and it does quite a lot of useful stuff besides just creating iptables rules.
Basic CentOS / RedHat 6 Server Hardening / csf install / epel install
Firestarter – a graphical interface for quickly configuring firewall rules and settings. No longer in active development but still a fully functional graphical interface to make your iptables life easier.
Firestarter from the Ubuntu wiki.
A Quick Tutorial from the official site.
UFW – Uncomplicated Firewall is the default firewall configuration tool for Ubuntu, designed to make working with iptables simpler, even on the command line. For those who prefer a graphical interface there is also Gufw.
Shorewall – a gateway/firewall configuration tool for GNU/Linux.
pfSense – an open source firewall/router computer software distribution based on FreeBSD. pfSense is generally installed on a full computer to make a dedicated firewall device. It comes with a web interface and all the features you’d expect from a firewall device.
pfSense on Reddit – yes it even has its very own subreddit.
Hopefully you will find the above guides useful and no longer have to blame the firewall when things go wrong. (blame SELinux instead 😉 )