Linux Firewalls: Linux is an open source operating system and, as such, programmers have developed many different firewall applications for it. Some are built into the operating system distribution packages of Ubuntu, SUSE, Red Hat, etc.
There are also other firewall applications built as separate software on top of the Linux operating system kernel. These include Turtle, Zorp GPL, LutelWall, Guarddog, IPcop, SmoothWall, PfSense and more.
The best thing about all of these firewalls is that they are free. They are based on an open source operating system and, as such, they are free of charge. Instead of paying for a very expensive firewall appliance, you might consider preparing a computer with a Linux operating system and a well-configured Linux-based firewall.
* IPTABLES: IPTABLES belongs to the Netfilter modules of the Linux kernel. It enables system administrators to configure the firewall tables, using chains and rules to define the firewall restrictions. IPTABLES can only be configured with administrator privileges, under the user “root”.
* Turtle: This application is based on kernel 2.4 and IPTABLES. It is a fairly simple firewall to use and understand, and you can define the different firewall elements such as zones, hosts and networks. You also get to manage and decide which services to enable. The simplicity is that you can do all of that by editing an XML file or by using Webmin (a Linux web interface).
The application includes:
- ZONES, NETWORKS, HOSTS and GROUPS definitions.
- Filter rule definitions based on services.
- New service definitions.
- NAT (Network Address Translation).
- Masquerading.
* Zorp GPL: This is a proxy-based firewall. It enables fine tuning of a proxy using a built-in scripting language. It uses the SSL, POP3 and HTTP protocols and also supports the FTP, FINGER, WHOIS and TELNET protocols to set the rules of accessibility.
* LutelWall: This is a high-level Linux firewall configuration tool. It provides an easy-to-use, secure way to set up “Netfilter”. The tool is flexible and lets system administrators build anything from a simple (home-style) firewall up to a highly sophisticated and complex one. You can use multiple subnets, a DMZ, traffic directions, etc. It is a great tool for dedicated firewall systems, or for a standalone system acting as a multifunction gateway/router/server. It brings together the simplicity and capability of open source Linux operating systems.
- Traffic features include: flexible traffic management using rules, multiple external and internal interfaces, masquerade and SNAT support, easy setup of DNAT, LAN and DMZ, TOS (Type of Service) for optimizing traffic, FTP, DHCP and more.
- Security features include: TCP chains, blocking of many types of access and scanning protocols, TCP/IP fingerprinting, anti-spoof and anti-smurf protection, flood protection.
- Logging features include: logging of FIN, Xmas Tree, Null and ACK scan modes and any fingerprints being used.
- Other features include: auto-detection of static/dynamic connections, automatic updates for the firewall tools, and showing firewall statistics in native IPTABLES, exported to CSV or HTML format.
* Guarddog: This is a firewall configuration utility for Linux systems. The program is intended for both beginners and intermediate users who have not mastered TCP/IP networking and security. It has an easy-to-use graphical user interface (GUI) in which you simply describe what you need the firewall to do, and the system enables it, without requiring a deep understanding of what exactly goes on under the hood.
* IPcop: This tool is most commonly used on SOHO devices. It also has a very user-friendly web-interface configuration panel.
* SmoothWall: This is a GPL Linux distribution, designed to be an open source firewall. It has a web-based GUI which requires almost no knowledge of the Linux operating system to configure its firewall system. The system is based on the Red Hat Linux distribution.
* PfSense: This FreeBSD-based application is designed to be used as a firewall or a router. It offers a more cost-effective, advanced-featured firewall for the personal computer (PC), replacing a more expensive commercial firewall solution.
There are of course many other open source, Linux based firewall applications and systems, but those are some examples of what you can do (“do it yourself”) in terms of building your own free firewall system.
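To make the tables, chains and rules model from the IPTABLES entry concrete, here is an added example (not from the original article or from any of the projects listed) that prints a small iptables-restore ruleset with anti-spoofing, logging of Null, Xmas Tree and FIN probes, and masquerading. The function name, the SCANLOG chain name, the interface names and the LAN subnet are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset on stdout (loads nothing itself).
# Assumed defaults: eth0 = WAN, eth1 = LAN, 192.168.1.0/24 = LAN subnet.
build_ruleset() {
    wan="${1:-eth0}"; lan="${2:-eth1}"; lan_net="${3:-192.168.1.0/24}"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:SCANLOG - [0:0]
-A INPUT -i lo -j ACCEPT
# Anti-spoof: LAN source addresses must never arrive on the WAN side
-A INPUT -i $wan -s $lan_net -j DROP
-A FORWARD -i $wan -s $lan_net -j DROP
# Replies to connections that were already allowed
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Null, Xmas Tree and bare FIN probes go to a user-defined logging chain
-A INPUT -p tcp --tcp-flags ALL NONE -j SCANLOG
-A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j SCANLOG
-A INPUT -p tcp --tcp-flags ALL FIN -j SCANLOG
-A SCANLOG -m limit --limit 5/min -j LOG --log-prefix "scan: "
-A SCANLOG -j DROP
# LAN hosts may reach SSH on the firewall and open outbound connections
-A INPUT -i $lan -s $lan_net -p tcp --dport 22 -j ACCEPT
-A FORWARD -i $lan -o $wan -s $lan_net -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Masquerading: rewrite LAN sources to the WAN address on the way out
-A POSTROUTING -o $wan -s $lan_net -j MASQUERADE
COMMIT
EOF
}
```

As root, the output can be syntax-checked without being applied by piping it to `iptables-restore --test`.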
Some Additional Info