Every computer needs a good firewall for protection against various
threats on the Internet. One recommendation is to use a hardware-based device
to protect your computer or network, but an “out-of-the-box” device is
not always sufficient–it may not be powerful enough, or it may not require the
features you need. Fortunately, Linux makes a secure firewall, and with some
older hardware, you can set up a dedicated firewall system.
When you’re working with a Linux firewall, manipulating
iptables can be daunting. Even comprehensive packages like Shorewall require a
fair amount of knowledge and time to configure. Using a GUI tool with a
walk-through wizard, such as Firestarter, is typically much easier than
fiddling with text-based configuration files and shell scripts. However, you
should note that Firestarter still identifies iptables as a pre-requisite,
because it simply configures iptables rules for your firewall.
Firestarter uses an intuitive GUI interface to explain,
step-by-step, each item that’s configured. The initial wizard tells Firestarter
whether or not you use DHCP, whether or not to allow Internet Connection Sharing
(which is a must if you use the machine as a dedicated firewall for your
network), and which is the internet-connected interface.
Another nice feature about Firestarter is that you can
define an outbound traffic policy, which allows you to be permissive or
restrictive by default. You can fine-tune the services and sites that are
denied or accessible. In addition, you can easily add a new rule by clicking on
the list space in the Policy tab and selecting Add Rule. Common service names
are listed for easy selection.
With a slick GUI and comprehensive help, both in the program
and online, Firestarter is an excellent firewall management tool. To download or find out more information
about Firestarter, visit this Web site.
Tuesday, TechRepublic’s free Linux NetNote provides tips, articles, and other
resources to help you hone your Linux skills. Automatically
sign up today!