How to set up GUFW firewall?

Have my Librem 13 v4 set up and would like to get some form of firewall in place. Basically very new to PureOS so hopefully I’m not missing something obvious.

I heard about GUFW as a simple GUI firewall application. I had the Debian file installed. When I try to launch GUFW through the search bar on the top of PureOS, it gives me the application called Firewall Configuration. Even under the Software app, it lists it installed as Firewall Configuration. When I try to either click on the icon from the search bar or click “Launch” from the software page - nothing pops up. The version installed for GUFW is 18.10.0-1

Am I doing something incorrectly here?


If you launch it from a terminal you will likely see the error message that is preventing it from launching. I’m guessing it needs to be run with sudo. The name sounds right according to what I see in the software center.

Thanks for the quick follow-up. Okay, I opened up Tilix and tried typing the following, “sudo gufw_18.10.0-1” and “sudo Firewall Configuration”, and both results said could not find the database of available applications.

Also tried “gksudo” command line since this is a GUI application and same result too. I’m figuring I’m not typing the program name correctly?

Try sudo gufw

Tried sudo gufw and it said the following:

No protocol specified
Unable to init server: Could not connect: Connection refused.

Then a bunch of (gufw.py:8729): Gdk-CRITICAL failed lines.

Please post output from

printenv XDG_SESSION_TYPE

Hi! Try

sudo apt install firewall-config

then press the super key + A and look for something like this


It just said “wayland” after putting that command

Okay, looks like your suggestion reC made the Firewall Configuration install properly. I found it on the system and clicked on the icon to boot it up.

Image below of what the first boot of the software shows me. As a novice user for setting up firewall on Linux, what parameters should I have set for home and office use as a basic security measure under zones, ports, protocols, source ports, etc?

Your question, while good and understandable, is a bit big.

In general, a good rule of thumb (from a security perspective, not from usability) is: deny everything by default. So, don’t open anything. See what works now and if you come across something that doesn’t, then see what you need to open. And if you decide to open, open only the smallest and most specific of openings (specific protocol, specific port, specific IPs, and/or networks, or even more detailed). Keep the attack vectors small, as they say.

This would be the right method although not the simplest - but there is no simple secure way. The “big” in this is, that for effective configuration, we would need to know what programs you use and how, what is your network (devices) and possibly what they do, as well as your preferences on how secure vs. convenient it should be. And then there is the proper risk assessment side if you have specific threats/vulnerabilities that you want to mitigate.

For instance, generally blocking is only concerned about connections coming/starting from outside, but there are ways to make the connection start from the inside (normally, then the firewall allows data to move both ways for that connection, like normal web browsing, but I’m referring to malicious connections opening backdoors). On top of that, common TCP & UDP are not the only protocols as there are several that are needed to have a working net, so those less known ones are often overlooked and can be used to circumvent blocking (and just blocking them is likely to cripple you). This is to say, there is absolute blocking (“a wall”) but it’s more often more selective (“a door”) because data has to flow both ways.

And it’s not just about setting up the firewall (which in itself is good and commendable), as it should be paired up with setting up logging, analysis of logs and a warning message system - so that you know what is going on. But, again, only you know what is normal in your system and network and only you can set it up just right.

I think you’d do best if you searched the web for configuration suggestions and specifics, after you’ve identified what you need (and do not need). There are plenty of good sites and guides but go with the mindset that you may need to combine advice from several, because the use cases vary. And get acquainted with protocols as well, so you know what each is for.

[edit: and if/when you have several rules - it’s sometimes not said - their order is important as one may affect the others]

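The deny-by-default and rule-order points from the post above, as an added example that is not part of the original thread. It models first-match evaluation of inbound rules, which is how ufw (the backend GUFW configures) processes its rule list; the names `Rule`, `Packet`, `decide`, `shadowed` and all addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    proto: str             # "tcp", "udp" or "any"
    port: Optional[int]    # None means any port
    source: str            # CIDR the rule applies to

@dataclass(frozen=True)
class Packet:
    proto: str
    port: int
    source: str

def _covers(rule, proto, port):
    # True when the rule's proto/port fields include the given proto/port.
    return rule.proto in ("any", proto) and rule.port in (None, port)

def decide(rules, pkt, default="deny"):
    """First matching rule wins; unmatched traffic gets the default policy."""
    for i, rule in enumerate(rules):
        if _covers(rule, pkt.proto, pkt.port) and \
           ip_address(pkt.source) in ip_network(rule.source):
            return rule.action, i
    return default, None

def shadowed(rules):
    """Indices of rules that can never fire because an earlier rule covers them."""
    dead = []
    for i, later in enumerate(rules):
        if any(_covers(e, later.proto, later.port)
               and ip_network(later.source).subnet_of(ip_network(e.source))
               for e in rules[:i]):
            dead.append(i)
    return dead

# Constructed sample: allow SSH from the LAN except one untrusted host.
LAN, HOST = "192.168.1.0/24", "192.168.1.50/32"
GOOD = [Rule("deny", "tcp", 22, HOST), Rule("allow", "tcp", 22, LAN)]
BAD = list(reversed(GOOD))   # same rules, wrong order

if __name__ == "__main__":
    probe = Packet("tcp", 22, "192.168.1.50")
    print("good order:", decide(GOOD, probe))   # deny hits first
    print("bad order: ", decide(BAD, probe))    # broad allow hits first
    print("never-reached rules in BAD:", shadowed(BAD))
```

Running `shadowed` over a rule list before applying it is a cheap way to catch a specific deny that sits behind a broader allow.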

I think that’s your problem. Log out and log in again but using the cog wheel icon on the login screen to choose X instead of Wayland and see whether that makes a difference.