Firewall Using Firehol

= Firehol =

Firehol is a dream firewall for anyone with network experience, as it is very similar to the command prompt of Cisco etc.

It is an iptables wrapper and front-end, with no extra daemons or load.

I use it on desktops, servers and gateways.

Kernel
Optional, set the following:

For even more security on gateways, set the following:

Setup
For each interface add:

Files
Configuration /etc/firehol/firehol.conf

Services /etc/firehol/services/*.conf

Simple Desktop
The following rules allow only outgoing communications:

Complex Desktop
The following example enables the following:
 * Access to the public Internet via the eth*, wlan* and ppp* interfaces, outgoing communications only.
 * Access of interfaces br0 (VMs, see VM_Tap_Networking), usb0 and pan0, which are a mobile device, with access to incoming communications.
 * Access of interface vpn0 (OpenVPN, see OpenVPN_Non_Root), communications only to the VPN host.
 * NAT between br0 (VMs, see VM_Tap_Networking) and usb0 to the Internet, to allow Internet access to these nodes.
 * Standard rules include Microsoft Domain integration and dropping Microsoft broadcasts.

NAT Gateway
Simple NAT Gateway configuration, allows any outgoing connection.
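
A minimal /etc/firehol/firehol.conf matching that description, as an added example that is not the author's original configuration. The interface names (eth0 facing the Internet, eth1 facing the LAN) and the services offered to the LAN are assumptions.

```conf
# Configuration format version for FireHOL 1.x (FireHOL 2 and later use 6).
version 5

# Assumed interface names; adjust to the actual hardware.
wan_if="eth0"    # faces the Internet
lan_if="eth1"    # faces the internal network

# Traffic addressed to, or originating from, the gateway itself
# on the Internet side. Nothing is served to the outside.
interface "${wan_if}" internet
    policy drop              # silently drop anything not matched below
    protection strong        # filter malformed packets and floods
    client all accept        # the gateway may open outgoing connections

# Traffic addressed to, or originating from, the gateway itself
# on the LAN side. The served services are an assumption.
interface "${lan_if}" lan
    policy reject            # answer unmatched LAN traffic with a reject
    server "ssh dhcp dns" accept
    client all accept

# Forwarded traffic: LAN hosts are the clients, Internet hosts the servers.
# Nothing is forwarded in the opposite direction unless it belongs to a
# connection that a LAN host opened.
router lan2internet inface "${lan_if}" outface "${wan_if}"
    masquerade               # NAT outgoing traffic behind the outface address
    route all accept         # allow any outgoing connection
```

Forwarding must also be enabled in the kernel for the router block to pass traffic.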

OpenVPN Server
See OpenVPN_Server.

Maintainer
Alon Bar-Lev