The Living Thing / Notebooks :

Network firewalls, routing etc

In which years of study are needed to do basic things, and even then still probably wrongly

You need to route network traffic cleverly, e.g. for a VPN, a file-sync client or SSH, or to lock down a server. Note that you might also want to look at application firewalls, which stop specific programs from talking to the network at all, as opposed to network firewalls, which filter traffic by address, port and protocol regardless of which program generated it.

Oh sweetie. If you are getting advice from me, you are royally fucked. I’m so sorry. I’m not the kind of person who knows about network stacks. Otherwise how would I have had time to do the other things for which you would read the blog?

Anyway, let’s discover this together.

macOS

icefloor

IceFloor 2 is group based, like the old ServerAdmin firewall tool. Control filtering, bandwidth, logs, connections and custom PF configurations.

(No longer current for recent macOS)

murus

macOS features one of the best network firewalls: PF (Packet Filter). It comes in an “under the hood” fashion, installed and disabled by default.

Murus’ purpose is to unleash its potential. With its easy and intuitive icons-based and drag&drop-based interface, visual layers of abstraction and a friendly view of the PF firewall it’s a lean and mean tool to protect your Mac and network.

Designed with ease of use in mind, yet full of advanced options and monitoring tools, Murus is perfect for everybody; from the average user to the experienced UNIX guru/system administrator and even for educational purposes.

Configure and start the PF firewall in one click using built-in presets, use Murus graphical ruleset editor design tool or write fully customized rulesets using the advanced rule editor.

Murus Pro includes Vallum, an application-layer firewall. This allows you to take full control of your Mac at both application and network level.

Linux

Do you need one? Yeah. Do you have one turned on by default? Usually not: the filtering machinery is in the kernel, but most distributions ship with an empty ruleset, so everything is allowed until you say otherwise.

So what’s the Linux network-filtering doo-dangle called? iptables. This is the classic command for talking to the netfilter subsystem; on current distributions the rules actually live in nftables, and the iptables command is usually a compatibility shim (iptables-nft) that translates into them. How does it work? Fucked if I know; every time I touch it I break things, because there are thousands of moving parts in a modern computer’s networking stack.

There are a million firewalls for Linux, but the one that n00bs like me seem to get recommended is ufw, the Uncomplicated FireWall, which is installed (but not enabled) on Ubuntu by default. It is a simpler front end that generates the iptables rules for you, so the rules it writes are evaluated in order and the first match wins, which matters once you start mixing allows and denies.

gufw is a friendly GUI for ufw. AFAICT it doesn’t add much value in terms of visualising your firewall, which would be the big win; it’s just some knobs and buttons that type the ufw commands for you.