Actions

Host Firewall Basics

From Whonix


Introduction[edit]

It is recommended to use a simple host firewall and deny any incoming connections on all ports. For a Linux host OS like Debian, Ubuntu and Arch Linux, gufw [archive] provides a simple graphical user interface for the Uncomplicated Firewall [archive] program. [1] It is easy to perform common tasks like blocking or allowing P2P, individual, or pre-configured ports.

How-to: Install and Configure a Firewall[edit]

The following steps install gufw on a Debian host [archive].

1. Install gufw.

sudo apt-get update && sudo apt-get install gufw

2. Start gufw.

gufw

3. Press Unlock. Enter the password.

4. Press Enabled. [2]

5. Check the settings.

By default, the settings should be Incoming: Deny and Outgoing: Allow.

Although not recommended, it is possible to add special firewall rules, use pre-configured options for common programs and services, or set other advanced options in gufw by following this guide [archive].

For further information on firewalls, see here.

References[edit]

  1. Uncomplicated Firewall by itself only provides a command-line interface for managing the netfilter firewall. Iptables [archive] are used by the program for configuration.
  2. The firewall is disabled by default.


Want to make Whonix safer and more usable? We're looking for helping hands. Check out the Open Issues [archive] and development forum [archive].

https [archive] | (forcing) onion [archive]
Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.

Monero donate whonix.png