Alternatives to UFW
Re: Alternatives to UFW
I will always recommend OpenSnitch. It is the kind of firewall that is more intuitive to the way that end-devices get used. Each application that initiates network traffic has to be approved on-access and per-application basis.
Newer versions implement inbound blocking like gufw, but that hasn't found its way into Debian yet.
Newer versions implement inbound blocking like gufw, but that hasn't found its way into Debian yet.
Re: Alternatives to UFW
I do not have a problem with UFW and GUFW. For normal non-techie users they are decent enough. I wanted to evaluate whether there are some alternatives which are more powerful than UFW. Also UFW depends on IPTables. I wanted to know if there is an equivalent of UFW+GUFW which uses nftables instead of IPTables. I also would like to configure Firewall access on per application access. For example allow browser, DPKG/APT, rsyslogd to access the internet but not other applications and packages. I need to configure that as a rule.
Nothing against iptables or gufw or ufw.
Re: Alternatives to UFW
Thanks @Uptorn. OpenSnitch sounds promising. Does it use iptables of nftables? And to install it do we have to compile it from a source code? OR do we have to install it from its own repository, i.e. add its repository into the sources files of dpkg?Uptorn wrote: ↑2024-08-09 03:22 I will always recommend OpenSnitch. It is the kind of firewall that is more intuitive to the way that end-devices get used. Each application that initiates network traffic has to be approved on-access and per-application basis.
Newer versions implement inbound blocking like gufw, but that hasn't found its way into Debian yet.