FireHOL Firewall Configuration in Debian Linux

What is FireHOL?

FireHOL is a stateful iptables packet filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it.

Download FireHOL

Install FireHOL in Debian

# apt-get install firehol

Reading Package Lists... Done
Building Dependency Tree... Done
The following extra packages will be installed:
 bc iproute libatm1 libreadline4
The following NEW packages will be installed:
 bc firehol iproute libatm1 libreadline4
0 upgraded, 5 newly installed, 0 to remove and 1 not upgraded.
Need to get 1171kB of archives.
After unpacking 2535kB of additional disk space will be used.
Do you want to continue? [Y/n]y

This will complete the FireHOL installation.

FireHOL is disabled by default; this needs to be changed.

# vi /etc/default/firehol

#If you want to have firehol wait for an iface to be up add it here


After changing this, save the file.

Configuring the FireHOL Firewall

By default, the FireHOL configuration files are located in /etc/firehol.

The main configuration file is /etc/firehol/firehol.conf. The default configuration file looks like this:

# $Id: client-all.conf,v 1.2 2002/12/31 15:44:34 ktsaou Exp $
# This configuration file will allow all requests originating from the
# local machine to be send through all network interfaces.
# No requests are allowed to come from the network. The host will be
# completely stealthed! It will not respond to anything, and it will
# not be pingable, although it will be able to originate anything
# (even pings to other hosts).

version 5

# Accept all client traffic on any interface
       interface any world
       client all accept

You need to modify this for your needs. I have a configuration file like the one below.

Now we need to configure FireHOL as per the sample below, which is distro-independent.

# vi /etc/firehol/firehol.conf

version 5
# Use the following to recognise RavenCore

# Use the following to recognise RavenCore SSL


# Use the following to recognise tinyproxy


# Use the following to avoid dhcp-client from filling the logs


# Use the following to blacklist incoming connection from an IP

#blacklist this ""

# Use the following to blacklist incoming AND outgoing connection from/to an IP

#blacklist full

interface any internet
       # Use the following to enable all available protection
       protection strong
       server "ftp ssh smtp dns http https pop3 imap socks syslog tinyproxy ravencore ravencoressl" accept
       client all accept

That's it, FireHOL is ready for action.

# /etc/init.d/firehol start

This will start the FireHOL firewall.

If you need more services defined in the firehol.conf file, check the services link on the FireHOL website.
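
The server line in the sample above names services such as tinyproxy, ravencore and ravencoressl, which FireHOL only accepts once firehol.conf defines them with server_<name>_ports and client_<name>_ports. The following pre-flight check is an added example, not part of the original page or of FireHOL itself; the function names, the BUILTIN list (only the built-in names this page uses) and the sample configuration with its port value are constructed for illustration.

```sh
#!/bin/sh
# Added example, not FireHOL project code. BUILTIN is an assumed subset of
# FireHOL's built-in services: only the names this page's server line uses.
BUILTIN="all ftp ssh smtp dns http https pop3 imap socks syslog"

# Print each service used on a "server" line that is neither in BUILTIN nor
# defined in the same file by a server_<name>_ports= assignment.
undefined_services() {
    awk -v known_list="$BUILTIN" '
        BEGIN { n = split(known_list, b, " "); for (i = 1; i <= n; i++) known[b[i]] = 1 }
        /^[ \t]*#/ { next }                        # ignore comment lines
        /^[ \t]*server_[A-Za-z0-9]+_ports=/ {      # custom service definition
            name = $0
            sub(/^[ \t]*server_/, "", name); sub(/_ports=.*/, "", name)
            known[name] = 1; next
        }
        $1 == "server" {                           # server "<list>" <action>
            list = $0
            sub(/^[ \t]*server[ \t]+/, "", list)
            if (list ~ /^"/) { sub(/^"/, "", list); sub(/".*/, "", list) }
            else             { sub(/[ \t].*/, "", list) }
            m = split(list, s, /[ \t]+/)
            for (i = 1; i <= m; i++) if (s[i] != "") used[s[i]] = 1
        }
        END { for (name in used) if (!(name in known)) print name }
    ' "$1" | sort
}

# Constructed sample: tinyproxy is defined (the port is a made-up value),
# ravencore and ravencoressl are used but never defined.
sample_conf() {
    cat <<'EOF'
version 5
server_tinyproxy_ports="tcp/8888"
client_tinyproxy_ports="default"
interface any internet
       protection strong
       server "ftp ssh tinyproxy ravencore ravencoressl" accept
       client all accept
EOF
}

check_sample() {
    tmp=$(mktemp) || return 1
    sample_conf > "$tmp"
    undefined_services "$tmp"
    rm -f "$tmp"
}
check_sample
```

Run undefined_services against /etc/firehol/firehol.conf before starting the firewall; any name it prints needs a definition or has to come off the server line.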