Actions

Host Firewall Basics

From Whonix


Introduction[edit]

It is recommended to use a simple host firewall and deny any incoming connections on all ports. For a Linux host OS like Debian, Ubuntu and Arch Linux, gufw [archive] provides a simple graphical user interface for the Uncomplicated Firewall [archive] program. [1] It is easy to perform common tasks like blocking or allowing P2P, individual, or pre-configured ports.

How-to: Install and Configure a Firewall[edit]

The following steps install gufw on a Debian host [archive].

1. Install gufw. 

sudo apt-get update && sudo apt-get install gufw

2. Start gufw. 

gufw

3. Press Unlock. Enter the password.

4. Press Enabled. [2]

5. Check the settings.

By default, the settings should be Incoming: Deny and Outgoing: Allow.

Although not recommended, it is possible to add special firewall rules, use pre-configured options for common programs and services, or set other advanced options in gufw by following this guide [archive].

For further information on firewalls, see here.

References[edit]

  1. Uncomplicated Firewall by itself only provides a command-line interface for managing the netfilter firewall. Iptables [archive] are used by the program for configuration.
  2. The firewall is disabled by default.

Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png Matrix logo.svg.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate whonix.png

Share: Twitter | Facebook

Are you proficient with iptables? Want to contribute? Check out possible improvements to iptables [archive]. Please come and introduce yourself in the development forum [archive].

https link onion link

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.

Retrieved from "https://www.whonix.org/w/index.php?title=Host_Firewall_Basics&oldid=48327"