= Graphical User Interface

There are several graphical user interfaces available to configure iptables.

* link:http://www.fwbuilder.org/_fwbuilder[fwbuilder]: A very complete GUI tool
to configure iptables.
* link:http://shorewall.net/_Shorewall[Shorewall]: Another very complete GUI
like fwbuilder.
* link:http://www.turtlefirewall.com/_Turtle_firewall_project[Turtle firewall
project]: A web interface integrated into Webmin. However, it cannot handle all
iptables options.
* link:http://users.telenet.be/stes/ipmenu.html_IPmenu[IPmenu]: A console-based
interface that covers all iptables functionality.

The following section describes yet another frontend: `system-config-firewall`.

== system-config-firewall

The GUI is similar to the text-based interface, just more friendly.
The first time you start the GUI you will receive a warning: the program will
*not* load your custom configuration, so any preexisting rules will be
overwritten.

image:Firewall_GUI_First_Time_Startup.PNG[First time
startup message,title="First time startup message"]

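Because the first run overwrites preexisting rules, it helps to save the current rule set beforehand and check what is missing once the new configuration has been applied. The following script is an added example, not part of the original page or of `system-config-firewall`; the function names, the `/root/rules.*` paths and the sample rule sets are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list rules and chain policies that an earlier iptables-save
# dump contained but a later one lacks. Real use (as root):
#   iptables-save > /root/rules.before   # before the first GUI run
#   iptables-save > /root/rules.after    # after clicking Apply
#   lost_rules /root/rules.before /root/rules.after
# The /root/rules.* paths and all sample rules below are constructed.

# Reduce a dump to "table rule" lines; counters are dropped so they never differ.
normalize_rules() {
    awk '{ sub(/^\[[0-9]+:[0-9]+\] /, "") }             # iptables-save -c prefix
         /^\*/  { table = substr($0, 2); next }          # "*filter" opens a table
         /^:/   { print table, "policy", substr($1, 2), $2; next }
         /^-A / { print table, $0 }' "$1" | LC_ALL=C sort -u
}

# Print every normalized line of dump $1 that is absent from dump $2.
lost_rules() {
    tmp=$(mktemp -d) || return 1
    normalize_rules "$1" > "$tmp/before"
    normalize_rules "$2" > "$tmp/after"
    LC_ALL=C comm -23 "$tmp/before" "$tmp/after"
    rm -rf "$tmp"
}

# Write two constructed dumps into directory $1 for an offline demonstration.
write_samples() {
    cat > "$1/before" <<'EOF'
*filter
:INPUT DROP [12:840]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 5432 -j ACCEPT
COMMIT
EOF
    cat > "$1/after" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

demo=$(mktemp -d) && write_samples "$demo" && lost_rules "$demo/before" "$demo/after"
rm -rf "$demo"
```

On the constructed samples the script reports the dropped source-restricted rule for port 5432 and the changed `INPUT` policy; an empty result means nothing from the earlier dump is missing.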
Before you start, you have to enable your firewall to activate the
configuration utility.

image:FireWwall_GUI_startup.PNG[Firewall GUI startup
screen,title="Firewall GUI startup screen"]

The initial configuration is empty and will not allow any network traffic.

image:No_configuration.PNG[No firewall
configuration,title="No firewall configuration"]

You can ignore the warning and start the wizard. Click _Forward_:

image:Firewall_Wizard.PNG[Firewall Wizard : welcome
screen,title="Firewall Wizard : welcome screen"]

Choose _System with network access_ to enable the firewall. The other option,
_System without network access_, would disable the firewall and not allow
access to any network.

image:Firewall_Wizard_2.PNG[Firewall Wizard : network
access?,title="Firewall Wizard : network access?"]

Next, you have to choose your skill level. The *Beginner* option only
allows the configuration of _trusted services_. This option is fine if you only
want to use services like _ftp_, _dns_, _http_, etc. It does not allow you to
configure custom port ranges. If you select *Expert*, you will have access to
firewall options. You can change the skill level later via _Options_ in the
main window.

image:Firewall_Wizard_3.PNG[Firewall Wizard :
skill?,title="Firewall Wizard : skill?"]

You can choose from a set of default configurations to start with. The *Server*
template will only enable SSH on the firewall. The *Desktop* template enables
additional ports (_IPsec_, _multicast DNS_, _Network Printing Client_ and
_SSH_). For convenience, select *Desktop* and continue:

image:Firewall_Wizard_4.PNG[Firewall Wizard : configuration
base?,title="Firewall Wizard : configuration base?"]

To enable additional _trusted services_, just choose the services from the list.

image:Firewall_Wizard_5.PNG[Firewall Main interface :
enabled,title="Firewall Main interface : enabled"]

You can add custom rules after choosing *Other ports* from the sidebar. Click
the *Add* button and either choose from the services list on the right or tick
*User Defined* and fill in the requested information.

image:Firewall_GUI_other_ports.PNG[Firewall GUI : edit other ports
rules.,title="Firewall GUI : edit other ports rules."]

The other options in the sidebar (*Trusted Interfaces*, *Masquerading*, *Port
Forwarding* and so on) work exactly as in the text-based interface.

When you have finished the configuration, click *Apply* to save and activate the
firewall.