Iptables аналог в windows

Нужен персональный firewall под Windows. Но нормальный, а не обычную гадость типа ZoneAlarm, отжирающую половину памяти и задающую «умные» вопросы о допуске программ в Инет.

Аналогов iptables и pf я не нашел вообще (страшилка с «интуитивно понятным» интерфейсом, якобы работающая как pf не подходит). http://wipfw.sourceforge.net всем хорош, кроме одного — не умеет делать редирект

Это я плохо искал, или с этим туго? Кстати, если кто знает ссылки на нормальную (а не «откройте окно такое-то, подведите курсор мыщи туда-то..») доку по встроенному брандмауэру Windows XP — приму с благодарностью.

Thread Status:

Not open for further replies.

1. medz
   Registered Member

   Joined:

   Dec 18, 2005

   Posts:

   13

2. emir
   Registered Member

   Joined:

   Dec 21, 2005

   Posts:

   61

   http://www.securityfocus.com/archive/96/418376

   The name is Core Force security and it is entire intrusion detection system with firewall based on Linux Open BSD. I must warn you though that security focus was acquired by a company I deem to be full of flaws in almost all their products:Symantec. Security Focus still produces top quality advanced network security information and I trust them more than most when it comes to security. I attempted to install this program to no avail though, on two different computers. I wish you better luck than I had, and please if you install, post your opinion of this product. Make sure you take a peek at security focus’ vulnerability database, it has helped me in making many software decisions.

3. A recent thread on Core Force: https://www.wilderssecurity.com/showthread.php?t=111181Perhaps you could clarify, what does this have to do with Core Security or Core Labs?

   Regards,

   CrazyM

4. emir
   Registered Member

   Joined:

   Dec 21, 2005

   Posts:

   61

   Crazy M, you ask what this has to do with Core Security, well they are the only people so far as I know recommending Core Security. Security Focus being bought by Symantec means alot of things could happen, if Symantec owns security focus what is to keep them from dictating what is being published on that site. What is for that matter keeping them from requiring security focus to recommend certain products that Symantec has some affiliation with? I’m not saying don’t trust security focus, I still trust them almost as much as before they were acquired by Symantec. I just know politics and I know malevolent big corporations and what CAN and MIGHT happen as a result of Symantec acquiring security focus. Let me ask this, why is it that as soon as Symantec bought Sygate the personal and personal pro were discontinued and only available through mirrors such as majorgeeks? The firewall is only part of norton suite, why discontinue sygate, and why have more security vulnerabilities than any other company besides microsoft. Thats what I think the purchase of security focus by Symantec has to do with Core Force Technologies being on their site. I will admit though that you have I’m sure known about Core Force Technologies for some time right? Well I haven’t, I admit I am somewhat newbie, and if you have reliable information concerning the pedigree of their work then why not mention it instead of asking me what this has to do with core labs. I was just trying to help not be a smart aleck, and I was trying to let this person know about the acquisition by Symantec in case he/she has certain views similar to mine concerning Symantec being inefficient. A forewarning of sorts, is that a good enough explanation?

5. emir
   Registered Member

   Joined:

   Dec 21, 2005

   Posts:

   61

   I forgot to mention I can’t install counter spy or microsoft anti-spyware,couple others,and I assume it has something to do with the fact that I go by Black Viper’s recommendations on default services that should be disabled on clean install of xp. This could explain why Core Force will not install but it does not explain one more thing, why when I attempted to install, the program had to connect to the internet and I had went offline and it made no mention in documentation of needing to go online during installation. When it did connect(I only let it do this because of my trust in security focus) it froze up and that caused me to make yey another appointment with Darik’s Boot and Nuke.

6. Hm ok, here are some clarifications that seem to be in order.

   Core FORCE is developed by an information security company: Core Security Technologies, not Symantec nor SecurityFocus. The company was founded in 1996 and has an extensive track record in the infosec. field. It is known for its automated penetration testing software, Core IMPACT, its security consulting services and for its long time involvement in security research and particularly vulnerability research. The company’s site is at http://www.coresecurity.com

   I work for Core Security Technologies, btw.

   Core Security & Core FORCE have no particular affiliation with Symantec. I’d say that Symantec, SecurityFocus and many other infosec. vendors have known Core Security for quite some time and that whatever relationships there are at the corporate, professional and personal level are those normally expected from independent organizations and people that have been working in the same area for almost a decade.

   Myself, I know a lot of people at many security vendor companies including Symantec and even some personal friends. But that’s beside the point.

   The point is; If you are looking for a free endpoint security package that can do stateful inbound/outbound firewalling and file & regsitry access control with flexible and extensive configuration capabilities then Core FORCE might be an option.
   It is free. It is beta software.
   It is up to you to evaluate if it works for you.
   http://force.coresecurity.com
   — sorry for the anonymous post but I didnt feel like registering and all that just to reply to this message-

7. I dont know about a iptables clone but recently i stumbled upon a clone of the freebsd firewall’s called wipfw.

   WIPFW is a MS Windows operable version of well-known IPFW1 for FreeBSD OS. You can use the same functionality and configure it as only you work with IPFW.

   IPFW is a packet filtering and accounting system which resides in the kernelmode, and has a user-land control utility, ipfw. Together, they allow you to define and query the rules used by the kernel in its routing decisions.

   There are two related parts to ipfw. The firewall section performs packet filtering. There is also an IP accounting section which tracks usage of the router, based on rules similar to those used in the firewall section. This allows the administrator to monitor how much traffic the router is getting from a certain machine, or how much WWW traffic it is forwarding, for example.

   As a result of the way that ipfw is designed, you can use ipfw on non-router machines to perform packet filtering on incoming and outgoing connections. This is a special case of the more general use of ipfw, and the same commands and techniques should be used in this situation.

   http://wipfw.sourceforge.net

8. Hi gumpy,

   Just today, I stumbled across this description of ipfw elsewhere. No doubt wipfw is its Windows reincarnation:

   Customized and most secure firewall (ipfw: IP firewall and traffic shaper control

   program) http://www.osix.net/modules/article/?id=150

   What is ipfw? ipfw is the user interface for controlling the ipfirewall and the
   dummynet traffic shaper in FreeBSD. Too many of you it will look like ipchains
   or iptables, but there are slight differences between them and ipfw, that are
   important. ipfw is basically a ruleset that will give you FULL controll over your
   traffic. Each incoming or outgoing packet is passed through the ipfw rules.
   If host is acting as a gateway, packets forwarded by the gateway are pro-
   cessed by ipfw twice. In case a host is acting as a bridge, packets for-
   warded by the bridge are processed by ipfw once. The rules have it’s numbers
   so users can name them via numbers and either delete them or know their
   exactly location within the ruleset (which is very important)!
   ipfw works procedural like basic programming languages: first command,
   first served. This is very important when you want to add multiple
   rules to a specific protocol, a host, or a port.
   A configuration always includes a DEFAULT rule (numbered 65535) which
   cannot be modified by the programmer and always matches packets. The
   action associated with the default rule can be either deny or allow
   depending on how the kernel is configured.

   — Tom

9. Hey, I just wonder how you write guys?

   I sure might have found something to read in this thread, but?

   It was all garbled messages, no care to write paragraphs?

   I agree, mine here is a a bit too many them, but still easier to read ?

   So your messages suck? Really not a good way to understand what you are saying!
   Or I suck, nevermind

10. TNT
    Registered Member

    Joined:

    Sep 4, 2005

    Posts:

    948

    Just wanted to add, I’m a Core Force user and I’m very happy with it. It is, approach-wise, as removed from Symantec products as it gets. Symantec tends to build security solutions aimed at the «average joe», Core Force is a complex application that I would never recommend to any computer so-called «newbie». It gives an excellent, very configurable, very «fine grained» protection that I haven’t seen in any other free HIPS/Firewall so far.

    Also, I have been in the web application testing and programming field for quite a few years, and I definitely had heard of Core Security a few times before; they are well known for two things:

    — «corporate» security solutions (not solutions aimed at home users): their most well known product, Core Impact, is probably the most famous commercial penetration testing suite around. Frankly, although I DO work doing web penetration tests, I’ve never used it due to its prohibitive cost ($15,000 for a license, if I remember correctly).

    — for releasing security advisories for commercial products.

    I do not work for Core Security by the way. Just wanted to point out that this is a respected and well known company in the security field.

Thread Status:

Not open for further replies.

Skip to content

Top 15 Best Open Source Firewalls for Linux / Windows. Firewalls help protect your computer and network systems from unwanted or malicious traffic. They block sensitive ports and verify that incoming and outgoing traffic is safe to prevent malicious connections. Therefore, they help stop unsafe data exchange between your system and the external environment.

Knowing the best firewall solutions available help you to secure your network security. This article explores the best open source firewall solutions for your Linux or Windows systems. 

Let’s continue reading Top 15 Best Open Source Firewalls for Linux / Windows.

Top 15 Best Open Source Firewalls for Linux / Windows

1. OPNsense

OPNsense is a free, open source solution that blends the efforts of pfSense and Monowall. This firewall is powered by HardenedBSD, a security oriented fork of FreeBSD. Its distro serves as a firewall and routing platform and filters traffic. Use it to display a captive portal, detect and prevent intrusions, set up a VPN, and direct traffic.

The functionality of this firewall is based on an Inline Intrusion Prevention System (IPS). It emulates a deep packet inspection that blocks IP addresses or ports and inspects individual data packets or connections. It stops them before they reach you if necessary.

Pros of OPNsense

• Offers weekly security updates to respond to threats in a timely fashion. 
• Fully integrated web proxy with access control and support for external blacklists.
• Pluggable support for OSPF and BGP based on the Free Rage Router. 
• Two factor authentication enabled for more security.

Cons of OPNsense

• Would be better with web based configuration instead of command line.
• IPS lacks some features that could make it more reliable.

2. pfSense

pfSense is next on the list of Top 15 Best Open Source Firewalls for Linux / Windows. With custom kernel based FreeBSD OS, it makes it one of the leading network firewalls with enterprise grade features. Available as a hardware device, downloadable binary, or virtual appliance. The solution conceptualizes Stateful Packet filtering and delivers advanced network security and intrusion detection.

Highly configurable and flexible in its application. Greatly accessible web control center to easily manage firewall system. Provides a complete overview of the security stature of the network perimeter, making it a suitable choice for new users.

Pros of pfSense

• Extend your applications and connectivity to authorized users through Microsoft Azure or Amazon AWS.
• Configuration allows you to use it as a VPN endpoint and a wireless access point. 
• Upgrade its web based interface or configure it for more flexibility. 
• Comprehensive network solution for enterprises, SOHO, and large businesses.
• Load balancing feature.
• High degree of customization.

Cons of pfSense

• The firmware is difficult to upgrade. 
• Documentation is limited.
• Complex to configure.

3. IPFire

IPFire is a free, secure, and open source firewall distribution solution. Comes not as a software package but as an entire operating system. It’s a standalone operating system based on Linux From Scratch (LFS).

The firewall has an intuitive color coded user interface and provides a minimal approach that is easy to navigate for a beginner. Easy configuration. Additional IPFire’s capabilities are detecting and mitigating intrusion while functioning as a VPN.

Pros of IPFire

• Functions as a VPN gateway, firewall, or proxy server.
• Qualifies as a Stateful Packet Installation (SPI) firewall .
• Content filtering capabilities. 
• Provides a virtualization environment through its Xen, KVM, and VMWare hypervisions.

Cons of IPFire

• It could be better with additional features 
• The Linux-based configuration may make the firewall complicated for some uses

4. VyOS

VyOS boasts high flexibility and reliability, supporting many technologies that make network maintenance easier. Its load balancing options offer the ability to utilize multiple internet connections simultaneously efficiently. If you have a large business, using the Broader Gateway Protocol (BGP) features of the firewall opens up a possibility for better traffic control of your autonomous systems.

Deploy VyOS on the most commonly available servers and computers or within virtual environments. That makes deployments more effortless and cheaper. Also configure the firewall as an enterprise border router with the BGP to serve as an external and internal BGP peer. The stability and availability it provides for your network are unmatched.

Pros of VyOS

• VPN and tunneling protocols for rapid and reliable connectivity between resources. 
• Reliable traffic flow control through specific edge devices. 
• A combined solution featuring an edge router and edge firewall for enterprise network security.
• Merges single purpose devices into one, including switching, IP routing, VPN gateways, firewall, and MPLS.

Cons of VyOS

• Not a mature distro and so hasn’t been ported for as many architectures. 
• Inability to integrate with third party plugins and modules. 

5. DynFi

Following solution on our pick list of Top 15 Best Open Source Firewalls for Linux / Windows is DynFi. Basically, an ideal perimeter firewall for Linux and Windows. Deploys on a virtualized platform like KVM, Proxmox, VMWare, and Hyper-V. Integrates many VPN systems, and you use it as the primary tool for managing your virtual private networks.

It’s the first French open source firewall that integrates many filtering features, allowing you to manage many appliances. Two images with Serial return or VGA, which are compatible with most devices. DynFi has a set of tools for high network filtering.

Pros of DynFi

• An open source firewall that includes a centralized management mechanism .
• Next generation open source with pre integrated filtering systems. 
• Allows for centralized management of Aliases at Manager’s level. 
• Intelligent multisite synchronization and automatic connection of the firewall. 
• Backup of the virtual environment.

Cons of DynFi

• Lacks dynamic analysis of critical firewall data. 
• Could do better with dynamic deployment configurations.

6. Shorewall

Shorewall is a firewall or gateway configuration tool for Linux, not a daemon. Features a Netfiller system for tracking and monitoring potential threats. Use the solution for network partitioning and role based access management. Outstanding advantage of the tool is the extensive support for multiple systems and many network interfaces. Fully customize or modify the firewall according to your network’s requirements. Shorewall also provides blocklisting for IPs. Access features for mapping and traffic accounting. Tools for ease of virtualization are also built in.

Pros of Shorewall

• Support multiple firewall applications, routers, and gateway applications. 
• Manages Stateful Packet filtering through Connection Tracking Facilities through Netfiller.
• Centralized firewall admin. 
• Supports masquerading, port forwarding, and multiple ISP.

Cons of Shorewall

• The configuration is complicated for new users. 
• Lacks up to date documentation of the logs.

7. Endian

Endian is a turn key Linux security distribution that transforms any bare metal appliance into a solution with full featured Unified Threat Management. One of the most straightforward security products to install, configure, and use. Ideal for home and small networks, comprising a VPN, antivirus, firewall, and content filter in a single box.

As a stateful firewall tool, it protects your network from numerous attacks and threats. Offers a well protected VPN to secure the environment, especially for users who work remotely. Its live network monitoring and reporting capabilities allow you to visualize and monitor traffic in real time. Leverage the Endian UTM professional advantage based on intuitive visual graphs and charts that provide increased real time and historical reporting across the entire stack.

Pros of Endian

• Provides introductory email and web security services powered by leading open source Advanced Content Security (ACS). applications 
• Increased scalability and Active Directory or LDAP authentication.
• Two factor authentication features for added security. 
• Email notifications for primary predefined system events in Endian’s community version. 
• A VPN tunnel that provides remote access to employees while connecting multiple offices.

Cons of Endian

• Lacks a centralized management system.

8. iptables

Iptables is a highly flexible Top 15 Best Open Source Firewalls for Linux / Windows utility, ideal for novices and system administrators. Well, the command line firewall utility uses policy chains to allow or block traffic. When a connection attempts to establish itself on the system, iptables matches it to a rule on its lists or resorts to the default action, if no action is a match.

The solution almost always comes pre installed on any Linux distribution, and updating it is as easy as retrieving the iptables package. iptables uses three types of chains, namely input, forward, and output. Input is the chain that controls the behavior of incoming connections. The forward function controls the incoming connections not being delivered locally, while output controls the outgoing links.

Pros of iptables

• Allows or blocks specific connections, ranges, addresses, and ports. 
• Decide the policy chain default behaviour you want the firewall to adopt. 
• Add rules to what you want the software to do when it encounters a connection. 
• Extensive list of commands for customized security control of your system.

Cons of iptables

• Doesn’t save the changes you make unless you execute a command to save them. 
• Installing the solution is lengthy and complex for starters.

9. Firewalld

Firewalld is an open source firewall solution compatible with multiple solutions such as RHEL 7 and newer, OpenSUSE 15, SUSE 15, Fedora 18, and CentOS 7 and all their recent versions. Provides a dynamically managed firewall with support for firewall zones. The trust levels of network connections or interfaces are well defined.

The firewall supports IPv4 IPv6 firewall settings, IP sets, and ethernet bridges. You will notice the separation of runtime and permanent configuration options and an interface for services to run firewall rules directly. One of the most significant benefits of using Firewalld is that you make real time changes in the runtime environment without having to restart the service or use a daemon.

Pros of Firewalld

• IPv4, IPv6, ipset support, and bridge.
• Simple service definition with ports, source ports, protocols, modules, and destination address handling. 
• Simple log of denied packets. 
• Graphical configuration tool based on gtk3.
• Modify the firewall by whitelisting the applications.

Cons of Firewalld

• Lacks advanced security features compared to other Linux based firewall solutions.
• Uses nftables as the default backend, which is inconveniencing for incompatible systems.

10. Safing Portmaster

Safing Postmaster is a free and open source application firewall for Windows and Linux systems. Extensive features enable you to discover everything happening in your network by exposing all the connections, including the evil ones. The excellent defaults dramatically improve your privacy and security without any effort.

If you want to configure and control everything on your systems down allows that to every detail. It intercepts suspicious queries and reroutes them to itself for seamless integration. Safing Portmaster protects your entire computer as its functionality isn’t limited to just the browser. Easily add your rules to block individual domains.

Pros of Safing Portmaster

• Create privacy and security rules based on the global and per-app settings.
• Integrates into the network stack using nfqueue on Linux and a kernel driver on Windows. 
• The privacy network aims at user cases between VPN and Tor. 
• The Portmaster Core Service runs as a system service, with the User Interface elements running in the user context.

Cons of Safing Portmaster

• The default settings offered by the firewall solution may not be the desired package for all users. 
• The functionality to create own rules can develop loopholes for security attacks.

11. OpenSnitch

OpenSnitch is a GNU/ Linux port of the Little snitch application firewall. Apply firewall rules systems wide and block hosts or individual applications. In addition to blocking specific URLs, hosts, and applications, use the software to monitor and set rules for system services, open ports, running processes, and IP addresses. Have the option to apply rules for specific circumstances only.

Blocks activities related to web apps, browser extensions, bug and crash reports, and analytics sent by apps. It virtually stops anything that connects to a different host from your Linux system. Once you launch the software, you sort and filter entries for better management, primarily since it features hundreds of entries.

Pros of OpenSnitch

• Automatically identifies hosts and processes running on your system and prepares appropriate firewall rules.
• Interactive outbound connections filtering. 
• Easily configure the system firewall from the GUI nftables. 
• Allows you to manage multiple nodes from a centralized GUI. 
• Blocks ads, trackers, and malware domains across the entire system. 

Cons of OpenSnitch

• GitHub releases are not available yet. 
• The software requires several dependencies to work effectively.

12. ClearOS Firewall

ClearOS firewall is a Linux based solution that allows administrators to open ports or port ranges for services running locally on the server. If a service requires a connection from outside your network, the software only adds a corresponding port or port range after verifying it.

Available in the 64 bit version with a functional and clean web GUI. It also comes with multiple features and plugins to enhance its functionality. Enjoy better network security using the free version or automatic updates. Several other options in the commercial edition avail. With the standard functionality, you easily add custom firewall rules to increase protection.

Pros of ClearOS Firewall

• Features that enable it to function more than just a firewall to enhance network security. 
• Create advanced firewall rules to meet the security needs of your network. 
• A widely used application whose documentation is readily available. 
• Easily administer your ClearOS firewall from a web-based management interface.

Cons of ClearOS Firewall

• You may need to add a custom firewall to accomplish your firewall needs in some scenarios 
• The Community Edition is limited, not tested or professionally supported, so not good enough for production environments

13. IPCop

IPCop is an open source Linux firewall distribution made for home and SOHO users. Features a Web GUI, built in traffic shaping, and IPsec VPN that support up to four network interfaces.

The minimum requirements for the firewall are a motherboard with a 386 processor, a 300MB hard drive, and 32MB RAM. Very modern hardware may not be compatible because IPCop’s support for the PCI architecture is still in the early stages.

Pros of IPCop

• Includes traffic shaping and IPsec VPN. 
• Features up to four network interfaces. 
• Installation is more seamless and faster from a CD or DVD drive attached directly to the designated router. 
• Distinguishes between several interfaces and types of configuration. 
• Granular control of features ideal for multifaceted web traffic installation.

Cons of IPCop

• Documentation on more advanced features is limited. 
• Lacks driver support for more modern hardware types.

14. Vuurmuur

Vuurmuur is another open source firewall for Linux. Uses inbuilt firewalling components of the Linux kernel like Netfiller and Iptables to manage the network perimeter. The intuitive graphical user interface (GUI) layout helps configure the firewall in the best way for the network.

The solution lies in the gray area between being feature rich and minimal. The GUI provides accessibility to casual users because of its simple and easy to learn configurations.  Implementing the automation scripts for the highest security level is easy because the firewall is entirely scriptable. The powerful monitoring features allow you to view the logs, bandwidth, and connections through the console or SSH.

Pros of Vuurmuur

• Converts humanly readable rules, groups, hosts, zones, and networks. 
• You don’t need to know about iptables to use the firewall. 
• Easily manage it through the console or SSG. 
• Second element that converts the Netfiller logs to easily readable logs. 
• Uses a ncurses based user interface to manage the firewall.

Cons of Vuurmuur

• It may take a while to navigate the various elements and how the solution works. 
• Interface isn’t user friendly.

15. OpenWrt

Last but not least Top 15 Best Open Source Firewalls for Linux / Windows is Openwrt. Basically, it is explicitly deployed for use in routers and networks. That means ordinary home users can’t use it as their regular firewall compared to power users, networking enthusiasts, and wireless device developers. 

Compared to other firewall developments for distros that have fallen by the wayside, OpenWrt has withstood the test of time. It also has a decent GUI and provides optional packages in its repository. That allows you to configure the solution to meet your security needs in several ways.

Pros of OpenWrt

• The configuration is relatively straightforward and provides an automatic base rule set for the router. 
• Undergoes regular updates and has a reliable support system. 
• The GUI is decent and provides several optional packages. 
• Configure it in various ways to meet diverse security needs.

Cons of OpenWrt

• Not ideal for use by home users looking for a firewall solution for their computers. 
• Not your usual firewall solution.

Thank you for reading Top 15 Best Open Source Firewalls for Linux / Windows. We shall conclude this article now. 

Top 15 Best Open Source Firewalls for Linux / Windows Conclusion

Open source firewalls are a great way for Linux/Windows users to protect their network. They provide online security and best of all they are free and customizable. With the number of open source firewalls available on the market, it is hard to choose which one is right for you. The list above has some of the best open source firewalls so you start protecting your network today! From OPNsense and pfSense to iptables and Endian Firewall, you are sure of the ultimate protection.