Sirs how do I make my Linux computer safe with a firewall?

Sirs how do I make my Linux computer safe with a firewall?
Iptables is very difficult to use and understand

Attached: images-5.jpg (747x410, 44.47K)

Good morning sir

Good morning sir

“block in on em0” until not retarded

firewalld? firewallconfig? ufw? gufw?

install firewalld. you're welcome.

Why not block "out" as well? If I have a malware installed, it may try to rsync all my data to a remote server. That's an out not an "in".

Allow UDP 53 and TCP 80 and 443, deny everything else it's bloat

we can't let john get the pineapple
It rains this time of the year in every season?

>Any Forums still so fucking stupid they think a firewall is something you put on the computer you're trying to protect

youre right. “block out on em0”immediately

I have just looked it up and it looks as hard as iptables.
Isn't there a simple and straightforward firewall? Does every alternative require you to be a firewall phd?

>hard
firewall-cmd --add-service=ssh --permanent
firewall-cmd --reload


how is this hard? most everything has a predefined vendor service or you can make your own easily.

even rich rules are easier to understand than the equivalent iptables or nftables.

its not bad to have

Enlighten me then. Should I activate my router's firewall?
Sir what is emu0? My wlan interface is called iwnet0 or something like that.

>Should I activate my router's firewall?
YOU FUCKING THINK?
Or better yet a dedicated machine between your router and your PC, but your router is usually good enough.

you don't need a firewall if you have NAT. All routers have NAT.

My router was provided by my local internet company with a preinstalled firmware. It's not very configurable. That's why I was looking for a Linux solution (that's where my sensitive data is anyway).

They think the firewall is some magic thing they see in hacking movies

disable IPv6 and use a router with NAT, sir

If I type
scp file 200.200.200.200:~

It works. Why can't a malware do the same and steal all my sensitive data?

if i block all domains and ips except google and gmail, why can't malware send an email with all my sensitive data?

unplug your keyboard so the malware can't type

I mean, even if you have a firewall, how would you stop this? most people really don't even know what does what and I agree that NAT != security and that whoever mentions it as such is a dumb chimp.

So should I block all domains except for the ones I use using hosts.deny and hosts.allow instead of bothering with a firewall?

Not OP but I have to block certain IP's on my LAN from accessing a NAS.

Faking input
TIOCSTI
Argument: const char *argp

Insert the given byte in the input queue.


heh.... nothin, personnel, kid.

That' my fear, I'm not afraid of someone directly hacking into my computer or even my local network. I'm afraid of downloading a program which turns out to be a malware and it stealing all my data.
I have several random Python libraries installed with pip, a banking security application, Windows applications running under wine, and any of these can choose to rsync my home folder away and ruin my life.