From MEPIS Documentation Wiki
As the website states: "Guarddog is aimed at two groups of users. Novice to intermediate users who are not experts in TCP/IP networking and security, and those users who don't want the hassle of dealing with cryptic shell scripts and ipchains/iptables parameters."
Some users are confused by the two "Zones" found under the Protocols tab. These zones determine the direction of a connection, that is, whether your machine acts as client or server. The Internet Zone allows connections to servers and services that are on the Internet/Network. The Local Zone allows connections to servers and services that are on the local machine (for example, an sshd server allowing remote logins to your local machine).
Setting up a custom zone
If, for example, you need a "Local Network" zone with different firewall permissions, you can do the following:
- Click "New Zone" in the Zone tab
- Edit the name to "Local Network" and set the address or the address range (using a network mask) of the machine(s) that will be part of that zone
- Check the "Local" checkbox in the "Connection" section
- Now go to the "Protocol" tab. Under "Local", select the checkboxes for protocols that should be accessible from the new zone; under "Local Network", select the protocols that should be accessible from your machine.
A protocol is a set of rules that enables and controls communication. Default protocols come with Guarddog, but you can also add one of your own.
Adding a new protocol
- Go to the "Advanced" tab
- Click "New Protocol", give it a custom name, specify the type (TCP or UDP) and enter the port number or range
- Go to the "Protocol" tab
- Click the correct "Defined Network Zone". The default choices are Internet or Local.
- In the "User Defined" section click the little arrow to expand the choices
- Find the new protocol and check the box
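To make the two procedures above concrete, here is an added example (not from the MEPIS wiki or the Guarddog project) that maps one checked box, meaning a zone address range plus a TCP/UDP port or range, to an iptables-style rule you can compare against the output of `iptables -S` when auditing the result. It approximates what such a permission means and is not Guarddog's generated script; the function names, sample addresses and ports are assumptions, and it assumes a separate rule already accepts established connections.

```python
import ipaddress


def parse_ports(spec):
    """Accept a single port ('8080') or a range ('6000-6010'); return (low, high)."""
    low, _, high = str(spec).partition("-")
    low, high = int(low), int(high or low)
    if not (1 <= low <= high <= 65535):
        raise ValueError(f"bad port or range: {spec!r}")
    return low, high


def rule_for(zone, proto, ports, service_on_local_machine):
    """Build one iptables-style rule for a zone/protocol permission.

    zone  -- address or address/mask of the custom zone (hypothetical values below)
    proto -- 'tcp' or 'udp', as chosen for the user-defined protocol
    ports -- port number or 'low-high' range
    service_on_local_machine -- True: zone members are clients of this machine
                                False: this machine is a client of the zone
    """
    proto = proto.lower()
    if proto not in ("tcp", "udp"):
        raise ValueError(f"unsupported protocol type: {proto!r}")
    # strict=False normalises a host address entered with a mask
    # (192.168.1.10/255.255.255.0) to the network it belongs to.
    net = ipaddress.ip_network(zone, strict=False)
    low, high = parse_ports(ports)
    dport = str(low) if low == high else f"{low}:{high}"
    if service_on_local_machine:
        chain, match = "INPUT", f"-s {net}"    # inbound from the zone
    else:
        chain, match = "OUTPUT", f"-d {net}"   # outbound to the zone
    return (f"-A {chain} {match} -p {proto} --dport {dport} "
            "-m conntrack --ctstate NEW -j ACCEPT")


if __name__ == "__main__":
    # Constructed sample: a "Local Network" zone and a user-defined TCP protocol.
    print(rule_for("192.168.1.10/255.255.255.0", "TCP", "8000-8010", True))
    print(rule_for("192.168.1.0/24", "udp", 5353, False))
```

Note that a host address entered with a mask widens to the whole network, so the zone covers every machine in that range, not only the one address typed in.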
On the Advanced tab, you can save or back up your settings using the Import/Export feature. This is handy if you reinstall your system and want to restore your firewall settings, or if you want to transfer your custom settings to another computer.
Related Mepis Wiki Links
- Firewall -- Guide to configuring a redundant firewall architecture.
- Firestarter -- Firestarter graphical iptables editing application.
- ufw -- Uncomplicated Firewall (ufw) command line-based iptables editing application.
- Gufw -- Gufw graphical user interface to the command line interface, ufw, for editing iptables.
- Enabling Firewall for P2P Applications -- Firewall configuration for P2P applications such as Gnutella, Frostwire, Limewire, etc.
- Webmin -- Web based system administration tool that contains a module to configure the firewall and routing capabilities of the kernel. Very flexible and powerful but somewhat complex.
- Iptables -- Example of firewall configuration using iptables.
Other Related Resources
- Home Website for Netfilter/Iptables -- Detailed advanced documentation for Netfilter and Iptables.
- Homepage for Guarddog -- GUI interface for editing iptables.
- Online Manual for Guarddog -- Detailed advanced documentation for Guarddog.
- Homepage for Firestarter -- User-friendly GUI front-end for editing iptables.
- Online Manual for Firestarter -- Detailed advanced documentation for Firestarter.
- Homepage of Uncomplicated Firewall (ufw) -- A command line interface for editing iptables.
- Wiki for Uncomplicated Firewall (ufw) -- Ubuntu wiki documentation for ufw.
- Homepage of Gufw -- Gufw is a GUI interface...to the command line interface, ufw...for editing iptables.
- Documentation for Gufw -- Ubuntu documentation for Gufw.
- Kmyfirewall -- A KDE-based firewall tool designed to be relatively easy to use while providing full-featured control of iptables. Appears to no longer be in active development.
- Setting up a personal firewall on Debian using Guarddog