Basic Ubuntu Linux Firewall Configuration

From Techotopia
Revision as of 17:50, 25 June 2007 by Neil (Talk | contribs) (Running the lokkit Firewall Tools)

Jump to: navigation, search

A firewall is a vital component in protecting a computer system, or network of computers from external attack (typically from an internet connection). Any computer connected directly to an internet connection must run a firewall to protect against malicious activity. Similarly, any internal network must have some form of firewall between it and an external internet connection.

Ubuntu Linux is supplied with powerful firewall technology known as iptables built-in. Entire books can, and indeed have, been written about configuring iptables. Fortunately Ubuntu Linux also provides some tools which make firewall configuration for the average user easy. This chapter will cover the steps necessary to configure an Ubuntu Linux firewall using those tools.


Contents


Ubuntu Linux Firewall Options

Ubuntu Linux provides two firewall configuration options. The first is a basic yet effective and easy to use firewall configuration system called lokkit. Another, more advanced, option is called GuardDog.

In this chapter we will explore lokkit and in the next chapter (Installing and Configuring a GaurdDog Firweall on Ubuntu) we will look at the GaurdDog firewall in more detail.

Configuring a Basic Ubuntu Linux Firewall

The lokkit tool is not installed by default on Ubuntu Linux, so before we can begin to configure a firewall we first need to install the appropriate package. There are two ways to do this, either using the Linux command-line, or using the Synaptic Package Manager. We will begin by looking at the Synaptic Package Manager method.

To launch the Synaptic Package Manager click on the System menu on the desktop and select "Synaptic Package Manager from the Administration sub-menu. Enter your password when prompted to do so. The Synaptic Package Manager will appear as follows:

Ubuntu linux synaptic package manager.jpg

Once the package manager has loaded the next step is to locate the package we need to install. Click on the Search button the the Synaptic toolbar, enter lokkit in the Search dialog and press Search. The search should return two results, lokkit and gnome-lokkit. lokkit is a text based version of the tool and gnome-lokkit is a graphical version. gnome-lokkit requires that lokkit also be installed so click on the check both next to gnome-lokkit and select Mark for installation from the drop down menu. A dialog appears stating that lokkit also needs to be installed. Click on the Mark button to also install lokkit.

Now that we have defined what we want to install we now need to installed it. Do do so simply click on the Apply button located in the Synaptic toolbar and click Apply in the Summary dialog. The package manager will now download and install the tweo packages. Close the completion dialog and exit Synaptic once the installation is finished.

Alternatively the lokkit and gnome-lokkit packages can be installed from the Ubuntu Linux command-line using the apt-get tool. The first step is to launch a termial window to gain access to the command-line. To do this click on the desktop Applications menu and select Konsole from from System Tools menu. The resulting dialog provides a Linux command-line prompt. Type the following at the prompt:

sudo apt-get install gnome-lokkit

Enter your password when prompted. apt-get will then install the two packages.


Running the lokkit Firewall Tools

Unfortunately the last few releases of Ubuntu Linux contain a bug which prevent gnome-lokkit from running. If gnone-lokkit fails for you you will need to use lokkit. Fortunately, there is nothing in gnome-lokkit that cannot be achieved using lokkit. To launch lokkit start a Linux console to access the command prompt (lick on the desktop Applications menu and select Konsole from from System Tools menu) and type the following at the command-line prompt:

sudo lokkit

Enter your password when prompted. Once loaded, lokkit should appear as follows:

Ubuntu lokkit firewall main.jpg

Notice that Ubuntu Linux defaults the highest level of security. This follows the general rule of security that a system should start with everything locked down and then lifted gradually to provide only the functionality needed, and nothing more.

The most useful lokkit screen the the customization screen. TO access this screen use the Tab key to navigate to the 'Customize button at the bottom of the screen. Once Customize is highlighted press the Enter or Space key to select it. The Customization screen should appear as follows:

Ubuntu lokkit firewall customize.jpg

Understanding the lokkit Firewall Customization Screen