Best Firewall Package [Solved].

Posted: Wed Aug 07, 2019 23:01
by albfneto
In the more recent or upgraded Sabayon installations, is it better to use UFW or firewalld as default firewall?

Re: Best Firewall Package.

Posted: Thu Aug 08, 2019 11:18
by Fitzcarraldo
Either can be used.

Here is a comparison of UFW annd Firewalld that you might find helpful: Comparing and contrasting Uncomplicated Firewall and FirewallD.

And here is an article on switching from Firewalld to UFW that also comments on the differences between the two: How to switch firewalls from FirewallD to UFW.

Re: Best Firewall Package.

Posted: Thu Aug 08, 2019 17:46
by albfneto
If I understood, both working, but not together.

UFW is good for general and easier use, in desktops.

but in servers firewalld is racommended.
Thanks, I will mark the topic as solved.

Re: Best Firewall Package [Solved].

Posted: Fri Sep 27, 2019 15:13
by Fitzcarraldo
Notice the comments in the first article:
FirewallD is better suited for a roaming user on a laptop than ufw because of the automatic zone-management when paired up with NetworkManager.
Its firewall-cmd front-end has almost the same feature set for basic firewall management as ufw, and adds network zone management to the mix. Zone management allows you to set up presets with rules for different network conditions/locations. For example “Home” and “Office” where all communications with local machines are allowed, and “Public Wi-Fi” where no communication with the same subnet would be allowed. Rules can be applied automatically per network interface, or used through NetworkManager and the GNOME network GUI.
GUFW, a front-end for UFW, does permit the use of profiles:

The default profile choices are Public, Home and Office but you can add others. You have to select these manually when you change location.

Basically, if you are only using your machine at home then UFW is simpler to use and perfectly adequate. If you are roaming with your machine, either firewalld or UFW can be used, although firewalld is more sophisticated and better suited for mutliple zones than UFW. The downside is that firewalld's syntax is more complicated than UFW's syntax, although both have GUI front-ends.