Set intruders on fire with firewalld and firewall-config GUI
Posted: Sun Dec 29, 2019 9:43 am
MX being Debian in nature ships with Uncomplicated Fire Wall (ufw) as the default firewall.
However there are better alternatives namely firewalld.
Firewalld is a front to Iptables and has a lot of functionality such as services,ports,zones,port-forwarding etc.
To install it run
After installing thus both firewalld and its control GUI
You will be able to open services and ports on your firewall (and many many other things)
Either manually by using
firewall-cmd
OR via the GUI which is named "Firewall" in xfce search.
Some examples:
BUT you can also use the GUI which is much easier.
CAVEAT:After installing a new daemon or service remember to ALWAYS open its port n firewalld OR it may NOT FUNCTION properly
Have fun with firewalld
...and burn all the "freaking" intruders off.
IF you find opening ports and allowing services too much of a headache for you then disable firewalld and RE-ENABLE ufw.
However there are better alternatives namely firewalld.
Firewalld is a front to Iptables and has a lot of functionality such as services,ports,zones,port-forwarding etc.
To install it run
Code: Select all
systemctl disable ufw OR ###for sysvinit
update-rc.d ufw disable
apt update && apt install firewalld firewall-config
You will be able to open services and ports on your firewall (and many many other things)
Either manually by using
firewall-cmd
OR via the GUI which is named "Firewall" in xfce search.
Some examples:
Code: Select all
firewall-cmd --add-service="ssh" --permanent ####ADD THE SSH SERVICE
firewall-cmd --add-port=22/tcp --permanent ###ADD THE SSH SERVICE BY SPECIFYING ITS PORT NUMBER
firewall-cmd --reload #####ALWAYS RUN THIS AFTER ADDING SERVICES OR PORTS TO THE FIREWALL TO MAKE THEM PERSISTENT
firewall-cmd --get -services ####TO GET ALL THE AVAILABLE SERVICES
firewall-cmd --get-default ####TO GET THE DEFAULT OPERATIONAL ZONE
firewall-cmd set-default <desired-zone> --permanent ###TO SET THE DEFAULT ZONE
BUT you can also use the GUI which is much easier.
CAVEAT:After installing a new daemon or service remember to ALWAYS open its port n firewalld OR it may NOT FUNCTION properly
Have fun with firewalld
...and burn all the "freaking" intruders off.
IF you find opening ports and allowing services too much of a headache for you then disable firewalld and RE-ENABLE ufw.