FirewallD on Ubuntu , for those unwilling to use controls or the Project Pillowcase configuration file has made available a graphical tool called firewall-config.
Before beginning is necessary to identify, at the top , the voice configuration , which will provide access to the volatile or permanent. Some changes are possible in the permanent mode, such as adding a service not listed
We can see how Skype and ssh services are enabled , to create a service must navigate to the Services tab and press the ” + ” button.
Now that the service object was created we have to insert the reference port , try mongodb in the list and go onto the tab ” Ports and Protocols ” press the Add button.
Press ok. The mongodb service has now been created . Using this db for internal things at my job so it is used only by myself so I added an additional check using the tab target set that the connection is permitted only if it comes from “localhost”.
Now let’s see how to create a rich -rule . Choose in which area create the rules, public for this example . Open the tab Rules Extended and press the edit button on the rule that we have entered by hand in the previous examples.
This way you can build rich -rule as we have seen from the command line.
Assigning Zones
Now that there are areas on our notebook we see how to define the assignment based on the connection , so there NetworkManager .
Using the utility nm-connection-manager you can create wired/wireless network profiles depending on where we connect .
Using this feature very much in fact I have a pretty full list. By accessing the properties of a network profile we can enter the relevant zone of FirewallD on Ubuntu.
Let’s see in detail the sede_dhcp profile.
All my profiles have automatic connection disabled and FirewallD zone assigned , so I decide what to use at the time .
Obviously it is a zone can be assigned to all connection types (wired, wireless , and also to the vpn profiles ) .
I hope this little guide on FirewallD on Ubuntu can be of help to improve your network security device.
Enjoy.
Latest posts by Federico (see all)
- Let’s Encrypt on pfSense – webConfigurator - Apr 04,2017
- Isc Dhcpd Openldap on Ubuntu 16.04 - Oct 03,2016
- yEd graph editor – Ubuntu 16.04 - Sep 01,2016
Federico
Leave a Comment