FireHOL is a stateful iptables packet-filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly it lets you configure the firewall the same way you think about it.
Download FireHOL
http://firehol.sourceforge.net/
Install FireHOL in Debian
# apt-get install firehol
Reading Package Lists... Done
Building Dependency Tree... Done
The following extra packages will be installed:
bc iproute libatm1 libreadline4
The following NEW packages will be installed:
bc firehol iproute libatm1 libreadline4
0 upgraded, 5 newly installed, 0 to remove and 1 not upgraded.
Need to get 1171kB of archives.
After unpacking 2535kB of additional disk space will be used.
Do you want to continue? [Y/n]y
This completes the FireHOL installation.
FireHOL is disabled by default; enable it in /etc/default/firehol by changing START_FIREHOL from NO to YES.
# vi /etc/default/firehol
START_FIREHOL=NO
#If you want to have firehol wait for an iface to be up add it here
WAIT_FOR_IFACE=""
to
START_FIREHOL=YES
#If you want to have firehol wait for an iface to be up add it here
WAIT_FOR_IFACE=""
Save the file after making this change.
Configuring the FireHOL firewall
By default the FireHOL configuration files are located in /etc/firehol.
The main configuration file is /etc/firehol/firehol.conf. The default configuration file looks like this:
#
# $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $
#
# This configuration file will allow all requests originating from the
# local machine to be send through all network interfaces.
#
# No requests are allowed to come from the network. The host will be
# completely stealthed! It will not respond to anything, and it will
# not be pingable, although it will be able to originate anything
# (even pings to other hosts).
#
version 5
# Accept all client traffic on any interface
interface any world
client all accept
You need to adapt this to your own needs. Below is a sample configuration (it is distribution independent) that opens a set of services to the world while allowing all outgoing traffic; edit the file with:
# vi /etc/firehol/firehol.conf
Sample:
version 5
# Use the following to recognise RavenCore
server_ravencore_ports="tcp/8000"
client_ravencore_ports="default"
# Use the following to recognise RavenCore SSL
server_ravencoressl_ports="tcp/8080"
client_ravencoressl_ports="default"
# Use the following to recognise tinyproxy
server_tinyproxy_ports="tcp/8888"
client_tinyproxy_ports="default"
# Use the following to avoid dhcp-client from filling the logs
# (note: dhcpclient is defined here but never added to the server list
# below, so as written it has no effect; FireHOL's built-in dhcp service
# already covers the client exchange)
server_dhcpclient_ports="udp/67"
client_dhcpclient_ports="default"
# Use the following to blacklist incoming connection from an IP
#blacklist this "21.22.51.30 21.22.51.31"
# Use the following to blacklist incoming AND outgoing connection from/to an IP
#blacklist full 22.43.16.12 65.10.11.25
# "any" matches every interface, loopback and LAN included, so the services
# accepted below are reachable from all of them, not only the internet side
interface any internet
# Use the following to enable all available protection
protection strong
# Every service named here is open to the world; drop the ones you do not run
server "ftp ssh smtp dns http https pop3 imap socks syslog tinyproxy ravencore ravencoressl" accept
client all accept
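Before starting a firewall built from a config like the one above it pays to know exactly which ports it opens and on which interfaces. The script below is an added example, not part of the original page and not FireHOL's own code: it parses a firehol.conf for custom server_<name>_ports variables and the server "..." accept line, resolves the built-in service names against a small port table (an assumption that FireHOL's built-in definitions use the standard IANA ports; confirm on your install with `firehol debug`, which prints the iptables commands it would run without applying them), and warns when services are accepted on `interface any`. The sample config is embedded as a constructed copy of the page's own so the script runs offline.

```shell
#!/bin/sh
# Added example, not part of FireHOL or of the original page: report what a
# firehol.conf exposes before you start it. Custom server_<name>_ports
# variables in the config are resolved first; built-in FireHOL service names
# fall back to a small table (assumption: FireHOL uses the standard IANA
# ports for these; confirm with `firehol debug`).

# Constructed copy of the page's sample config, embedded so this runs offline.
SAMPLE_CONF='version 5
server_ravencore_ports="tcp/8000"
client_ravencore_ports="default"
server_ravencoressl_ports="tcp/8080"
client_ravencoressl_ports="default"
server_tinyproxy_ports="tcp/8888"
client_tinyproxy_ports="default"
server_dhcpclient_ports="udp/67"
client_dhcpclient_ports="default"
interface any internet
    protection strong
    server "ftp ssh smtp dns http https pop3 imap socks syslog tinyproxy ravencore ravencoressl" accept
    client all accept
'

# Standard ports for the built-in services the page uses (assumed table).
builtin_ports() {
    case "$1" in
        ftp)    echo "tcp/21" ;;
        ssh)    echo "tcp/22" ;;
        smtp)   echo "tcp/25" ;;
        dns)    echo "tcp/53 udp/53" ;;
        http)   echo "tcp/80" ;;
        https)  echo "tcp/443" ;;
        pop3)   echo "tcp/110" ;;
        imap)   echo "tcp/143" ;;
        socks)  echo "tcp/1080" ;;
        syslog) echo "udp/514" ;;
        *)      return 1 ;;
    esac
}

# Ports for one service name: a server_<name>_ports line in the config wins,
# then the built-in table, otherwise "unknown" so it stands out in the report.
service_ports() {
    custom=$(printf '%s\n' "$1" | sed -n "s/^[[:space:]]*server_$2_ports=\"\([^\"]*\)\".*/\1/p")
    if [ -n "$custom" ]; then
        echo "$custom"
    elif ! builtin_ports "$2"; then
        echo "unknown"
    fi
}

# Service names from every `server "..." accept` line.
accepted_services() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*server[[:space:]]*"\([^"]*\)"[[:space:]]*accept.*/\1/p'
}

# "<iface> <name>" for every interface statement; "any" means every NIC,
# loopback and LAN included, not just the one facing the internet.
interface_specs() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*interface[[:space:]]\{1,\}\([^[:space:]]\{1,\}\)[[:space:]]\{1,\}\([^[:space:]]\{1,\}\).*/\1 \2/p'
}

# One "<service> <ports>" line per accepted service: the real attack surface.
# Services that are only defined (like dhcpclient above) do not appear.
exposure_report() {
    for name in $(accepted_services "$1"); do
        echo "$name $(service_ports "$1" "$name")"
    done
}

# Flags catch-all interfaces, the usual way a LAN-only service ends up
# reachable from the internet (or an internet service from the LAN).
warn_catchall() {
    interface_specs "$1" | awk '$1 == "any" { print "WARNING: interface " $2 " matches every NIC; accepted services are reachable on all of them" }'
}

# Stand-alone usage: audit the embedded sample. For a real file use
# exposure_report "$(cat /etc/firehol/firehol.conf)" and the same for warn_catchall.
exposure_report "$SAMPLE_CONF"
warn_catchall "$SAMPLE_CONF"
```

If the report lists a service you do not actually run, remove it from the server line; if it lists "unknown", the name is either misspelled or a custom service whose server_<name>_ports variable is missing. To keep LAN-only services off the internet side, replace the single `interface any internet` block with one `interface` block per NIC (for example eth0 for the internet and eth1 for the LAN) and put each service under the interface it belongs to.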
That's it, FireHOL is ready for action. On a remote host, first run `firehol try`: it activates the new rules and automatically restores the previous firewall unless you confirm within a short timeout, so a mistake in the config cannot lock you out of your SSH session. Once the rules are confirmed, start the service normally:
# /etc/init.d/firehol start
This starts the FireHOL firewall; `firehol status` shows the iptables rules it generated.