I like iptables + opensnitch
Linux
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
I like firewalld. Its also used on many enterprise distros (RHEL, SLES).
But if you just have to open one port for something, just use what's installed on your distro.
Network Filter Tables (NFT) is the current system. https://wiki.nftables.org/wiki-nftables/index.php/Main_Page
@merompetehla UFW and firewalld provide a higher level of control, which means that they are quicker to learn, easier for simple tasks but harder to use in more granular levels. Their setup is translated into iptables rules at the end. With Iptables or its successor Nftables, you'll need to invest a bit more time to learn but have a more granular level of control at the end. I hope this helps.
You could use it together with opensnitch
How often are you going to be managing ports?
Just use any tool you like, all they do is fiddle with the Kernel's filter table.
IMO firewalld because it's going to be more portable knowledge.
Iptables. Because in the end its iptables, so I learned it from the beginning „the right way“ and i am therefore not locked into one or another
This is even better than my answer.
if you use docker, docker ignores ufw rules
It'll also ignore the default firewalld rules. IIRC it uses the internal
zone instead
Good to know, thx
I found firewalld had so many options that it was a bit overwhelming at first, especially understanding how zones were actually meant to be used, and how each zone had a default handover for the unhandled traffic. But OpenSUSE has a GUI for it so I was able to make sense of it. UFW seemed pretty user friendly and atraight forward.
OS is xubuntu 24.04
Ubuntu defaults to ufw. That, by itself, justifies the use of ufw in your case.