LINUX SERVER FIREWALLS
LINUX SERVER FIREWALLS
Iptables/Netfilter is the most popular command line based firewall. It is the first line of defence of a Linux server security. Many system administrators use it for fine-tuning of their servers. It filters the packets in the network stack within the kernel itself. You can find a more detailed overview of Iptables here.
Features of IPtables
- It lists the contents of the packet filter rule set.
- It’s lightning fast because it inspects only the packet headers.
- You can Add/Remove/Modify rules according to your needs in the packet filter rule sets.
- Listing/zeroing per-rule counters of the packet filter rule sets.
- Supports Backup and restoration with files.
2. IPCop Firewall
IPCop is an Open Source Linux firewall distribution, IPCop team is continuously working to provide a stable, more secure, user friendly and highly configurable Firewall management system to their users. IPCop provides a well designed web interface to manage the firewall. It’s very useful and good for Small businesses and Local PCs.
You can configure an Old PC as a secure VPN to provide a secure environment over the internet. It’s also keeps some frequently used information to provide better web browsing experience to its users.
Features of IPCop Firewall
- Its Color coded Web Interface allows you to Monitor the performance Graphics for CPU, Memory and Disk as well as Network throughput.
- It views and auto rotate logs.
- Support Multiple language support.
- Provides very secure stable and easily implementable upgrade and add on patches.
Shorewall or Shoreline Firewall is another very popular Open source firewall specialized for GNU/Linux. It is build upon the Netfilter system built into the Linux kernel that also supports IPV6.
Feature of Shorewall
- Uses Netfilter’s connection tracking facilities for stateful packet filtering.
- Supports a wide range of routers/firewall/gateway applications.
- Centralized firewall Administration.
- A GUI interface with Webmin control Panel.
- Multiple ISP support.
- Supports Masquerading and port forwarding.
- Supports VPN
4. UFW – Uncomplicated Firewall
UFW is the default firewall tool for Ubuntu servers, it is basically designed to lesser the complexity of the iptables firewall and makes it more user friendly. A Graphical user interface of ufw, GUFW is also available for Ubuntu and Debian users.
Features of UFW
- Supports IPV6
- Extended Logging options with On/Off facility
- Status Monitoring
- Extensible Framework
- Can be Integrated with Applications
- Add/Remove/Modify Rules according to your needs.
IPFire is another open source Linux based firewalls for Small Office , Home Office (SOHO) environments. Its designed with modularity and highly flexibility. IPfire community also took care of Security and developed it as a Stateful Packet Inspection(SPI) firewall.
Features of IPFire
- Can be deployed as a firewall, a proxy server or a VPN gateway.
- Content filtering
- Inbuilt Intrusion detection system
- Supports through Wiki, forums and Chats
Support hypervisors like KVM, VmWare and Xen for Virtualization environment.
Content credit: FZMOVIES