10 Useful Open Source Security Firewalls for Linux Systems

Download Your Free eBooks NOW - 10 Free Linux eBooks for Administrators

Tarunika Shrivastava

I am a linux server admin and love to play with Linux and all other distributions of it. I am working as System Engineer with a Web Hosting Company.

Host Your Own Website at $97 Discount + One Free Domain Using our Promo Code 'Tec97' (Enter this code during Signup) - Signup with DreamHost Now!

Download Free Linux eBooks

Advanced Bash-Scripting Guide
Linux Bible
A Newbie's Getting Started Guide to Linux
Ubuntu Linux Toolbox: 1000+ Commands

You may also like...

25 Responses

  1. Eduardo says:

    m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software).
    m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent.
    m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.

  2. Weverton says:

    Hi Tarunika,

    I am really impress with this well writen article. Its help me a lot. But I am wondering: is there any kind of UTM linux based free that i can used? i am looking for features like – Web Filtering / Web Content Filter. I know that Dans Guardian can do the job (like smothwall too) but these solutions need that i set up proxy address in the hosts, and i want a solution with ZERO config in any device inside my network. Acctualy with have a FW Cisco ASA 5505 and using a RRAS VPN Microsoft Server with AD users integration. So i would like to put a Linux box (with two NICs) beetween my Firewall Cisco and my Switch Network, acting like a bridge. I konw that UNTANGLE can do the JOB but the full capacity is paid. So.. can yopu give me a tip about this problem? Thanks in advance. ;-)

  3. Vix says:

    @ Michael ,

    When u says Half baked knowledge is wonderful , assume u have full cooked knowledge.

    Asking you a simple question.
    I have 5510 Cisco in my org. I want to replace it with and option to opensource but eventually when it finally goes off .

    What is the best options.,
    It is currently being used for :
    1. seting up in-out bounds
    2. DMZ
    3. VPN
    4. less amount of Network monitoring.

    Suggest a best piece of the LINUX OpenSource FW ,eventhough it is tough to manage it should be able to update dnsbl list and other UTM/IDS functions up-to-date.

    Thanks in advance for your suggestions.

  4. Nix says:

    All you need is to type these two commands in a terminal emulator.

    No need to install third party firewalls.

    sudo ufw enable
    sudo ufw default deny

  5. vijay says:

    hi , i want block not to uploding my files to internet . like pdf ,ppt, doc, kind of files. users not allow organigation classified information files to gmail attchments . i tried every possible way some of opensource firewalls , but i could not get this kind of policy please help me out with open source firewall and linux.

  6. Squidblacklist.org is the worlds leading publisher of native acl blacklists tailored specifically for Squid proxy, and alternative formats for all major third party plugins as well as many other filtering platforms. Including SquidGuard, DansGuardian, and ufDBGuard, as well as pfSense and more.

    There is room for better blacklists, we intend to fill that gap.

    It would be our pleasure to serve you.


    Benjamin E. Nichols

  7. Ambesh says:

    in my small network i want to block few selected websites and application like torrent downloader….plz suggest me few open source firewalls which can do my work perfectly. i have CentOS 6.3 in admin PC and rest PC are windows.

  8. Michael says:


    Configserver, UFW, Shorewall… are nothing but front ends to make using iptables easier.

    There is only ONE firewall on LINUX – iptables.

    Everything else is a front end to iptables. There are more front ends such as Arno’s firewall, KISS etc.

    PfSense is a BSD firewall – nothing to do with Linux.

    Evidently, half baked knowledge is a wonderful thing.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Join Over 62000+ Linux Users
  1. 48100
  2. 2222
  3. 11697
Enter your email to get latest Linux Howto's