#1 2021-05-01 13:00:12

Registered: 2017-11-25
Firewall on laptop with Chimaera

I think I should install a firewall on my laptop, since it will be used in open networks connecting via wifi. This is a new situation for me. My desktops at home do not have a firewall installed, I rely on the one in the DSL modem and the ethernet router behind that. So far I never had any issues.

What is a recommendable firewall with an easy way to enable for wifi traffic? Is UFW/GUFW good enough and state of the art?

Thanks, rolfie


#2 2021-05-02 16:55:32

Registered: 2017-04-21
Re: Firewall on laptop with Chimaera

rolfie wrote:

Is UFW/GUFW good enough and state of the art?

Yes, it is not a bad choice .

#3 2021-05-02 21:41:40

Registered: 2016-11-25
Re: Firewall on laptop with Chimaera

arno-iptables-firewall is nice and simple. You can configure it with debconf, and it will ask a few questions about which interface(s) to use and which ports to open, etc. There's a way to do fancier stuff by editing configs, but I've never done anything with that.


#4 2021-05-02 23:15:31

Registered: 2017-05-15
Re: Firewall on laptop with Chimaera

I like FireHOL. It uses a simple, human-readable configuration file.

Package name: firehol

More info:

For a laptop, the default configuration would probably be sufficient.


#5 2021-05-02 23:25:14

Registered: 2019-07-18
Re: Firewall on laptop with Chimaera

I'm using UFW/GUFW, but it was a bit of a bitch to get working on start.

Somehow the program and install directory permissions were owned by the user (me), and

the program need root to start.

I eventually fixed it, i think... while looking into the "su -" and path changes.

I'm always thankful for the suggestions on firewall apps, for researching next ...

Last edited by GlennW (2021-05-02 23:41:19)


#6 2021-05-07 13:53:33

From: London
Registered: 2019-03-24
Re: Firewall on laptop with Chimaera

I think a better approach would be to disable any listening services on the laptop. The best firewall is not having to need a firewall at all smile

In respect of {G,}UFW, those front-ends were created because the iptables syntax is so horrible but nftables has a *much* simpler language and so doesn't really need those tools any more. See also … /Main_Page


