Last updated on November 15, 2013 by Dan Nanni
Netfilter is a packet filtering system within the Linux kernel used for intercepting and processing network packets.
iptables is a user-space program that relies on netfilter to implement stateless/stateful packet filtering for network firewalls, and address/port translation for NATs. There are many applications and tools that ease complex
iptables management tasks with higher-level interfaces via either command-line interfacces (e.g., CSF or firewalld) or graphical front-ends.
The following guide presents some of GUI-based
iptables management tools.
Shorewall is one of the most powerful and flexible
iptables configuration tool. Shorewall provides a high level abstraction of
iptables rules, making it easy to manage complex firewall settings and edit
iptables rules. While standalone Shorewall relies on plain-text configuration files to operate, there is a separate Webmin module for Shorewall with graphical front-ends.
Firestarter is an open-source graphical interface for Netfilter and
iptables. Besides standard firewall settings, Firestarter features a monitoring interface that reports firewall status (e.g., blocked connections and active connections being tracked) in real-time.
Firewall Builder (or fwbuilder) is an open-source GUI firewall configuration and management tool available for Linux, FreeBSD, MS Windows, and Mac OS X. Fwbuilder supports GUI-based configurations for
ipfw (FreeBSD/MacOS), as well as Cisco ASA/PIX firewalls, to generate firewall rulesets to be used on a target machine. It comes with a set of predefined firewall ruleset templates for commonly used firewall deployments.
Gufw (short for "GUI for Uncomplicated Firewall") is an easy-to-use GUI firewall manager for Debian/Ubuntu desktops. If all you need is simple firewall rules such as allowing/blocking ports for incoming/outgoing traffic, gufw will be probably sufficient for you.
Please note that this article is published by Xmodulo.com under a Creative Commons Attribution-ShareAlike 3.0 Unported License. If you would like to use the whole or any part of this article, you need to cite this web page at Xmodulo.com as the original source.