Graphical tools for firewall configuration

Conclusions

The firewall GUIs discussed here are all suitable for securing IT infrastructures. However, the individual tools focus on different user groups and scenarios: Gufw is somewhat out of the ordinary, because it primarily targets desktop systems. PeerGuardian is not a classic firewall interface but is limited to working with blocklists. The software does not let you implement complex rule constructs, but it is useful as a firewall extension.

Fwbuilder, firewalld, and Shorewall primarily target server systems and therefore have far more features. Fwbuilder is also suitable for use in heterogeneous environments with various server operating systems and even with some manufacturers' appliances. The software can compile appropriate configuration files depending on a firewall's syntax. On the other hand, Shorewall can be configured with Webmin and thus managed from remote computers.

Thus, you are spoiled for choice (for an overview of features, see Table 1). In the end, your choice depends on your distribution and network security requirements.

Table 1

An Overview of Firewall GUIs

Feature

firewalld

fwbuilder

Gufw

Shorewall

Requirements

Netfilter

Netfilter and iptables

Netfilter and iptables

Netfilter and iptables

Cross-Platform

No

Yes

No

No

Remote Host

No

Yes

Yes

Yes

IPv4/IPv6

Yes/Yes

Yes/Yes

Yes/Yes

Yes/Yes

Zone Model

Yes

No

Yes (profile)

Yes

Chain and Control Model

No

Yes

Yes

Yes

Dynamic

Yes

No

No

No

Application Integration

No

No

Yes

Limited

Logging

Limited

No

Yes

Yes

Wizard

No

Yes

Limited

No

Primary Application

Server

Server, desktop, cluster, appliance

Desktop

Server, desktop, appliance

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Persistent iptables

    The Linux iptables packet filter lacks an easy way to load rules automatically after restarting a system, but you can automate this process several ways.

  • Firewalls Intro

    Firewalls are becoming evermore sophisticated. Luckily, the tools for managing firewalls are becoming simpler and more accessible for ordinary users

  • Shorewall

    When users think about their workstations at home, they often forget about security. But danger is out there,waiting to pounce on the unsuspecting. Shorewall helps everyday Linux users keep the intruders away.

  • KTools: KMyFirewall

    Linux has a fantastic selection of firewalls for securing stand-alone computers or whole networks. Although you can use IPTables to set up a firewall, the configuration is often the most difficult step. KMyFirewall offers a powerful, user-friendly, GUI-based approach.

  • Firewall Logfile Analyzers

    Netfilter firewalls create highly detailed logfiles that nobody really wants to inspectmanually. Logfile analysis tools like IPtables Log Analyzer,Wallfire Wflogs,and FWlogwatch help administrators keep track of developments and filter for importantmessages.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

News