Shorewall – Advanced firewall for Linux Servers
Introduction
As we know, firewalls are crucial to system security. A firewall should prevent attacks and other malicious activity. A good firewall, installed and properly configured, reduces the security burden in the long run. There are numerous built-in and third-party firewalls available on the market. Shorewall is an advanced firewall setup for modern Linux systems. Let’s look into it.
Shorewall
As mentioned, Shorewall is an advanced firewall system for Linux. Linux systems have long used iptables as their firewall, but managing iptables directly is not easy for a newcomer. iptables is the tool that manages the netfilter module in the kernel. Shorewall acts as a front end to iptables, which makes the firewall easier to manage.
How to install Shorewall?
Installation is easy using apt or yum.
If you are on a Debian-based system, install it with the command below.
apt install shorewall
If you are on a RHEL-based system, install it with the command below.
yum install shorewall
Once installation is successful, it is time to configure it properly.
Step 1
Step 2
Step 3
These are the files inside shorewall
- conntrack: It contains settings related to connection tracking, which is a feature of the Linux kernel’s networking subsystem that keeps track of the state of the network connections.
- params: This file typically contains global configuration parameters for Shorewall.
- shorewall.conf: This file is the main configuration of Shorewall. It contains global settings and directives that define how it operates, including firewall rules.
Step 4
We need to define the network as a set of zones, which are then mapped to network interfaces in the interface configuration.
vi /etc/shorewall/zones
fw firewall
wan ipv4
lan ipv4
Step 5
Define network interfaces as well.
Let’s check the configured directives using shorewall check.
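An added example (not from the original post) of an interfaces file that matches the zones from Step 4, together with a default-deny policy file, which goes one step beyond the files shown here. The interface names eth0 and eth1 are assumptions; substitute the names reported by `ip link`.

```conf
# /etc/shorewall/interfaces
# Binds each zone from /etc/shorewall/zones to a network interface.
# eth0 / eth1 are assumed names for this example.
# ?FORMAT 2 selects the three-column layout (no BROADCAST column).
?FORMAT 2
#ZONE   INTERFACE   OPTIONS
wan     eth0        tcpflags,nosmurfs,routefilter,logmartians
lan     eth1        tcpflags,nosmurfs,routefilter,logmartians
#   tcpflags    - filter packets with illegal TCP flag combinations
#   nosmurfs    - filter packets whose source is a broadcast address
#   routefilter - kernel reverse-path filtering against spoofed sources
#   logmartians - log packets with impossible source addresses

# /etc/shorewall/policy
# Default action per zone pair when no entry in the rules file matches.
# Entries are evaluated top to bottom; the first match wins.
#SOURCE  DEST  POLICY  LOGLEVEL
lan      wan   ACCEPT
$FW      wan   ACCEPT
wan      all   DROP    info
all      all   REJECT  info
```

The last two policy lines make the firewall default-deny: anything from the wan zone is dropped and logged, and any remaining zone pair is rejected and logged.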
How do we start and stop shorewall?
# service shorewall start
# service shorewall stop
# service shorewall restart
# service shorewall status
To enable shorewall at boot time:
chkconfig shorewall on
How can we view the firewall logs?
# shorewall show hits
# shorewall show hits|less
Conclusion
This is how we can install shorewall and configure it. A properly configured firewall can prevent attacks and other malicious activities.