How to create outbound rules in Ubuntu Firewall with Firestarter
When it comes to controlling traffic leaving your computer, Firestarter can operate in one of two modes: whitelist or blacklist.
Whitelist: In this mode, no network traffic is allowed out of the computer unless a rule explicitly allows it. This is also known as a restrictive policy.
Blacklist: In this mode, which is the default, all traffic is allowed out of the computer unless a rule specifically forbids it. This is also known as a permissive policy.
Whitelist mode offers the stronger protection, because a program you did not anticipate cannot open an outbound connection on its own, but it comes at the cost of creating a rule for each kind of outbound connection you expect to make. You will need individual rules for the connections made by all the software on your system: web, email, instant messaging, and so on.
NOTE: You will need to create two rules for web connections: one for standard HTTP, and another for HTTPS secure connections, such as those used by online shops, banks and webmail services. Additionally, some websites insist on using non-standard port numbers, in which case they will be blocked unless you create a custom rule allowing that particular port.
You can switch between the modes by clicking the Policy tab in the Firestarter window, selecting Outbound Traffic Policy from the Editing dropdown list, and clicking the radio button alongside either entry.
Here's how to create an outbound rule regardless of what policy you decide upon:
1. Start the Firestarter configuration program, if it isn't already running, by clicking System > Administration > Firestarter. You'll need to type your password when prompted.
2. Ensure the Policy tab is selected within Firestarter and right-click beneath the Deny Service (or Allow Service) heading near the bottom of the program window. In the menu that appears, select Add Rule.
3. As when creating inbound rules, select the type of connection you'd like to allow/deny from the Name dropdown list. Ignore the sections beneath the When The Source Is heading; they are only for use if Firestarter is managing Internet connection sharing on your computer.
4. To create a custom rule for a particular port number, manually type a name of your own choosing into the Name field (although this is a dropdown list you can still type within it), and type the port number into the Port box.
TIP If you've opted for a whitelist (restrictive) policy, at the very least you should create individual rules for HTTP, HTTPS, POP3, and SMTP. Check that hostnames still resolve after applying the policy; if they don't, name resolution (DNS, port 53) is being blocked and needs a rule of its own. For a complete list of popular TCP/IP ports that you can use to create additional rules, see http://en.wikipedia.org/wiki/Port_number.
5. When done, click the ADD button, and the APPLY POLICY button on the main toolbar. Then close Firestarter.
The new rule takes effect immediately. To delete a rule at a later stage, right-click it and select Remove Rule. Then click APPLY POLICY.
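Firestarter is a front end for the kernel's netfilter tables, so the whitelist/blacklist distinction described at the top of this page, and the rule-per-service work of the procedure above, correspond to a default policy on the iptables OUTPUT chain plus one rule per service. The script below is an added example, not code from this page or from the Firestarter project, and it does not reproduce Firestarter's own generated ruleset: it prints equivalent iptables commands for either mode so they can be reviewed before anything is applied. It assumes a legacy iptables command line with the conntrack match available and a single machine (no Internet connection sharing). The service list is given as proto/port pairs; the defaults are the minimum set from the TIP plus DNS.

```shell
#!/bin/sh
# Added example: netfilter rules equivalent to Firestarter's outbound modes.
# NOT Firestarter's generated ruleset; it only shows what "restrictive" and
# "permissive" mean at the kernel level. Nothing is applied: the commands are
# printed for review and would have to be piped to sh as root deliberately.

# outbound_rules MODE [PROTO/PORT ...]
#   MODE        whitelist (restrictive) or blacklist (permissive)
#   PROTO/PORT  services to allow (whitelist) or deny (blacklist), e.g. tcp/443
outbound_rules() {
    mode=$1
    shift
    echo "iptables -F OUTPUT"
    # Loopback and replies to already-accepted connections must always pass;
    # without the conntrack rule even a whitelisted request would get no answer.
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    case $mode in
        whitelist)
            # Restrictive: nothing leaves unless a rule allows it.
            echo "iptables -P OUTPUT DROP"
            for svc in "$@"; do
                echo "iptables -A OUTPUT -p ${svc%/*} --dport ${svc#*/} -m conntrack --ctstate NEW -j ACCEPT"
            done
            ;;
        blacklist)
            # Permissive: everything leaves unless a rule forbids it.
            echo "iptables -P OUTPUT ACCEPT"
            for svc in "$@"; do
                echo "iptables -A OUTPUT -p ${svc%/*} --dport ${svc#*/} -j DROP"
            done
            ;;
        *)
            echo "usage: outbound_rules whitelist|blacklist [proto/port ...]" >&2
            return 2
            ;;
    esac
}

# service_rule_count MODE [PROTO/PORT ...]
# Number of per-service rules generated; a quick check that every service you
# listed actually got a rule.
service_rule_count() {
    outbound_rules "$@" | grep -c -- '--dport'
}

# With no arguments, print the minimum whitelist from the TIP above plus DNS
# (udp/53) so that hostnames still resolve under the restrictive policy.
if [ $# -eq 0 ]; then
    outbound_rules whitelist tcp/80 tcp/443 tcp/110 tcp/25 udp/53
else
    outbound_rules "$@"
fi
```

Whatever mode you choose in the Firestarter window, the rules the kernel actually holds after you click APPLY POLICY can be listed with `sudo iptables -S OUTPUT`; comparing that listing with what you expect is the quickest way to spot a service you forgot to whitelist.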