portmaster network monitor linux
Image: vegefox.com/Adobe Stock

Portmaster isn’t just a cross-platform network monitor — it’s also a very powerful security tool that can help to lock down your desktops and block things like ads, trackers and malware. I’ve been using Portmaster on my primary Linux desktop and I can attest to its ability to block incoming traffic.

I recently had an incident when, for whatever reason (probably because I was feeling lazy and didn’t want to make the trek to my office at the end of the house), I had to SSH into my desktop from another machine on the LAN. I’d forgotten Portmaster was running, and I hadn’t yet made a rule to allow that particular IP address through. No matter what I tried, I couldn’t get in. But after I added the allow rule, entrance through the required port was permitted and all was well.

SEE: Hiring Kit: Network Engineer (TechRepublic Premium)

I would like to show you just how to add such a rule to Portmaster so you too can allow specific traffic into a machine.

What you’ll need

To make this work, you’ll need Portmaster installed. It does not matter what operating system you use, as the Portmaster UI is the same across the board. However, I am going to be demonstrating opening the SSH service to an IP address. If your machine doesn’t include SSH, you’ll have to exchange that service for something else.

How to open the Secure Shell port

Open the Portmaster interface, which can be done from your system tray if it’s already running. In the main window (Figure A), click the Apps Overview button.

Figure A

The Apps Overview icon is in the blue square.

In the resulting window (Figure B), type sshd in the search field.

Figure B

The Portmaster Apps Overview window.

Click the sshd entry and, in the new screen, scroll down until you see the Incoming Rules section (Figure C).

Figure C

The Incoming Rules section of the sshd entry.

The first thing you want to do is make sure Block Connections is in the ON position, because you don’t want just any SSH connection to be allowed. Next, click Add Rule.

From the Select drop-down, select Allow and then type the IP address you want to allow through the SSH port (Figure D). When finished, click the checkmark to save the rule.

Figure D

Allowing 192.168.1.13 through the firewall.

One thing I’ve noticed is that it’s always best to add the incoming rule before you attempt to SSH into the machine. I’ve had instances when, after attempting an SSH connection, adding the rule for that IP address failed to work. However, I’ve never had an instance where the Portmaster global rules would block a connection if the rule was added before an attempted SSH login. The lesson here is to always add rules before attempting to connect.

And that’s all there is to open a port with Portmaster. I’ve found this app to be an invaluable tool for not only locking down my desktops but for much better and easier control over what is allowed in and out of any given system. I highly recommend this free, open-source tool for all of your desktops and laptops — and, if they have a GUI, your servers as well.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.

Subscribe to the Developer Insider Newsletter

From the hottest programming languages to commentary on the Linux OS, get the developer and open source news and tips you need to know. Delivered Tuesdays and Thursdays

Subscribe to the Developer Insider Newsletter

From the hottest programming languages to commentary on the Linux OS, get the developer and open source news and tips you need to know. Delivered Tuesdays and Thursdays