Every PC needs protection. Even though the Linux operating system has a reputation for being nearly crack-proof, it is irresponsible to assume this true. Any operating system connected to a network is vulnerable in some way or other and having as much protection as you can is the only way to use a computer intelligently.
Now with the Linux operating system you have a lot of choices for protection. But one of the easiest to use is Firestarter. Firestarter is one of the easiest-to-use firewalls I have used. And with this simplicity does not come a sacrifice to security. Just because it's easy does not mean it lacks protection. Firestarter is powerful and has a ton of features. In this article you will learn how to install Firestarter and set up a basic desktop firewall.
Firestarter includes such features as:
and much, much more.
The installation of Firestarter is simple. Because it will most likely be found in your distributions' repositories you will only need to follow these steps for installation:
You will find the Firestarter executable located in the Administration sub-menu of the System menu (in GNOME). When you first run Firestarter the wizard will open up. The first screen is the usual Welcome screen so you can just click the Forward button. The first screen you will have to do any configuration with is the Network Device Setup (see Figure 1). In this screen you need to set which interface Firestarter is to listen to. I am using a laptop so I will select my wireless device.
The next screen (see Figure 2) asks if you need to use internet connection sharing to set your machine up as a gateway. If you do you will need to first click the check box to enable it and then select an interface for the other machines to connect to. If you need to use your machine as a DHCP server you will have to have that installed outside of Firestarter.
Once you have taken care of connection sharing (if it is needed) click the Forward button and you're done. The last screen wants to know if you want to start the firewall immediately and has you save your configuration.
While Firestarter is running you will see a small icon in your notification area that looks like a blue circle with a right-pointing triangle. If you click on that it will open up the Firestarter main window (see Figure 3). From this window you can Stop the firewall, lock the firewall, view the events log, edit both your inbound and outbound policies, and monitor active connections.
In order to monitor active connections expand the Active Connections listing which will list every connection made to and from your machine. In both the Active connections section and the Events tab you can right click an entry and take action. For instance, in the Active Connections section you can right click an entry and look up the hostname of that entry. In the Events tab you can do more. If you right click an entry in the Events tab you can do the following:
Finally, in the Policy tab, you can right click any blank area and add a rule that will apply to a connection from a host or to a port/service. When you go to add a rule you will only need enter the IP address (or domain) and then add a comment.
Firestarter makes the often daunting task of creating a firewall for a Linux machine simple. If you have ever dealt with iptables you will understand when I say this is a huge relief for desktop users who do not want to take the time to learn to use the underlying technology.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.