Guarddog

From MEPIS Documentation Wiki

Jump to: navigation, search

Guarddog is a firewall configuration utility. It provides a GUI for iptables, the firewall that comes with Linux kernel.

As the website states: "Guarddog is aimed at two groups of users. Novice to intermediate users who are not experts in TCP/IP networking and security, and those users who don't want the hastle of dealing with cryptic shell scripts and ipchains/iptables parameters."

Contents

Zones

Some users are confused by two "Zones" found under the Protocols tab. These "Zones" determine direction, being either client or server. The Internet Zone allows connections to servers and services that are on the Internet/Network. The Local Zone allows connections to servers and services that are on the local machine (for example sshd server allowing remote logins to your local machine).

Setting up a custom zone

If for example you need a "Local Network" zone with different firewall permissions you can do the following:

  1. click "New Zone" in Zone tab
  2. edit name as "Local Network" and set up the address or the address range (using a network mask) of the machine(s) that will be part of that zone
  3. check the "Local" checkbox in "Connection" section
  4. now you can go to the "Protocol" tab and select the checkboxes in "Local" for protocols that should be accessible from the new zone and in "Local Network" the protocols that should be accessible from your machine.

Protocols

A protocol is a set of rules that enables and controls communication. Default protocols come with Guarddog, but you can also add one of your own.

Adding a new protocol

  1. Go to "Advanced" tab
  2. Click "New Protocol" set up a custom name and specify the type: TCP or UDP and enter the port number or range
  3. Go to "Protocol" tab
  4. Click the correct "Defined Network Zone", Default choices are Internet or Local.
  5. In the "User Defined" section click the little arrow to expand the choices
  6. Find the new protocol and check the box

Saving protocols

On the Advanced tab, you can save or backup your settings using the Import/Export feature. This is handy if you do a reinstall your system and want to restore your firewall settings or if you want to transfer your custom settings to another computer.

Related Mepis Wiki Links

  • Firewall -- Guide to configuring a redundant firewall architecture.
  • Firestarter -- Firestarter graphical iptables editing application.
  • ufw -- Uncomplicated Firewall (ufw) command line-based iptables editing application.
  • Gufw -- Gufw graphical user interface to the command line interface, ufw, for editing iptables.
  • Enabling Firewall for P2P Applications -- Firewall configuration for P2P applications such as Gnutella, Frostwire, Limewire, etc.
  • Webmin -- Web based system administration tool that contains a module to configure the firewall and routing capabilities of the kernel. Very flexible and powerful but somewhat complex.
  • Iptables -- Example of firewall configuration using iptables.

Other Related Resources


See also: Firestarter, Gufw, ufw, Firewall


Personal tools
In other languages