On 03/03/2020 14:06, Stefan K wrote:
Hi,
and thanks for this hint, will have a look into it. firt look is that it use
XML-config syntax, right, thats not my favorite but ok i will try it.
Just to be more specific:
I will build a firewall (bare metal), behind the firewall I have 512 public IP
addresses and I will manage the access rules, my boss and I favour a simple
opensource-solution with just IP/Port access-rules
On Thursday, February 27, 2020 2:19:55 AM CET tv.deb...@googlemail.com wrote:
On 26/02/2020 17:54, Stefan K wrote:
Hello,
we're looking for a nftables gui/frontend.
We want to create a simple firewall (port/ip blocking) I took a look at
vuurmuur[1], but it just support iptables. Does exist some other solutions?
We don't want to config it via cli or config-files.
Thanks for help!
best regards
Stefan
[1] https://www.vuurmuur.org/t
Hello, I believe "firewalld" fits your needs, it as a frontend available
in the package "firewall-config" and a taskbar notification/status with
"firewall-applet" that works in various desktop environments.
The docs can walk you or your users though the basics and more [1].
"gufw" + "ufw" while not designed for nftables also work with it thanks
to iptables compatibility wrappers. The occasional bug was discussed on
this list not long ago.
Both have the advantage of being packaged in Debian.
[1] https://firewalld.org/documentation/howto/
I have only used "firewalld" for small deployments, usually with the
command-line tool "firewall-cmd". The applet is a bonus so that users
can confirm that the firewall is running without the need of typing a
command, and get feedback if something is blocked. It does use xml syntax.
For anything larger my tool of choice is "shorewall" [2], which in
Debian works with iptables or nftables thanks to the compatibility
layer. The configuration is easy enough, the syntax is very
straightforward, but you would have to forego the g.u.i. requirement, I
am not aware of any graphical front-end for "shorewall".
[2] https://shorewall.org/
