“In this post, I’ll share a step-by-step guide on how to setup IPFire Free Linux Firewall.”
IPFire Linux Firewall is an open-source high-level firewall distribution that is easy to operate and flexible enough to be used by enterprises, authorities, individuals and just about anyone. IPFire has been designed with a modularity and flexibility where it can be deployed on your network as a firewall, proxy server, VPN gateway, DHCP server, Open VPN, monitoring and more.
Before I share how to setup IPFire, let me discuss why you should secure your network with IPFire.
IPFire Free Linux Firewall: Highlights
“The IPFire development team understands that security means different things to different people and certainly can change over time. The fact that IPFire is modular and flexible makes it perfect for integrating into any existing security architecture.
Don’t forget that ease-of-use is a key principle. If all this sounds a little too much for you, IPFire comes with great default settings out-of-the-box, meaning it’s a snap to get going quickly.”
The main agenda of IPFire is security and while it forms the base of a secure network, you can easily configure the firewall for the type of security that will suit you best. Here I’ll take you through brief color codes of the Firewall security in IPFire.
Stateful Packet Inspection (SPI) firewall in IPFire
IPFire implements SPI in firewall built over the Linux packet filtering framework. In the following installation guide, you’ll see that the network is configured in four segments identified by four colors.
With this segmentation, each machine will have a defined place on the network. Each color segment represents the group of computers that share the common security level on the network.
A Brief Description of the Segments
- Green: Green is the “safe area” which includes all the regular clients. Here, the clients can easily access other segments without any restrictions.
- Red: Red is considered the “danger area” or in simple words, connection to the internet. Nothing can pass through until specified by the administrator.
- Blue: Blue segment represents the “wireless network” and because it poses a potential danger the clients will require explicit permission before they access the network.
- Orange: Orange is the DMZ or “demilitarized zone”. Any servers which are accessible by the public are separated by the rest of the network to prevent the security breaches in the network.
The latest release IPFire 2.19 with core update 114, the GUI has been completely rewritten and immensely extended with new functionality. Now, you’ll be able to manage groups of hosts or services. This makes it simple for admin to create similar rules and use it for a great number of groups, hosts, and services.
Other Highlights: Why You Should Install IPFire Linux Firewall
- Easy to Administer: With a state-of-the-art firewall, IPFire makes it easy to administer even the most complex networks in an enterprise.
- Designed Security: IPFire has been designed with a vision of providing high security with a modularity and flexibility whether you’re an individual or a large enterprise. You can rest assure that IPFire will be able to protect the network from various types of attacks.
- Package Management System: IPFire has an integrated packet management system called PakFire which can update the whole system with just a single click. It is a faster and quick process to install patches, bugfixes and feature enhancements that make IPFire safer and better.
- Higher Degree of Performance: IPFire runs well on embedded software and has been proven to provide a higher degree of performance and run evenly on all kinds of software.
- Easy to Install: IPFire installation takes 15-20 minutes and it is relatively easier to use for the expert features required in professional networks.
- Open Source: IPFire is a free software released under GPL license. This open-source software has a strong community of developers and users who are working on improving it every single day.
Now, if you’re interested to know more about the raft of features supported by IPFire you must check out the detailed features page of the latest release.
For now, let’s begin with the next section.
How to Setup IPFire Free Linux Firewall: Recommended System Requirements (Minimum)
- 512 MB RAM
- 2 GB Hard Disk Space
- 2 Network Cards (with 1 GB transfer speed)
- i586 CPU (Intel Pentium 333 MHz)
Now, that you’ve checked if your system is compatible with IPFire, let’s get started with the setup guide.
How to Setup IPFire Free Linux Firewall: Installation Steps
In this installation guide, I’ll be using the installation using a CD/DVD. However, you can also use a bootable USB drive for the installation as well.
- Visit the official downloads page of the IPFire website.
- Now, select Download IPFire 2.19 and select the appropriate ISO image file for your system and burn it to the CD/DVD.
- Now, run the DVD and boot the media on your system.
- From the screen, select Install IPFire 2.19 to start the installation.
- Next, select the Language according to your region. Here I’ll select English and click Ok.
- In this step, you can cancel if you don’t wish to proceed and reboot your system.
- Now, accept the license and click OK to proceed. You can select the spacebar on your keyboard to select the option and then click OK.
- In this step, you’ll be issued a warning that all the data on the disk would be destroyed. Select yes to agree to continue and then click OK.
- Next, you’ll be asked to select the file system. Click on Ext4 and select OK.
- Once you have selected the file system, the installation will begin. It may take up a few minutes. All the disk data will be formatted and system files will be installed.
- With this step, IPFire will be installed and you’ll be prompted to reboot the machine. Click “Press OK to reboot”.
- After the system has rebooted successfully, you can proceed with the other steps to configure ISDN, system passwords and network cards.
- Now, as the system reboots you’ll be prompted with a menu to select the option. Select the default option and press enter.
- Now, select the type of keyboard here as per your discretion. I’ll select US and click OK.
- Here, select the time zone you’re in and click OK.
- In this step, select a hostname for firewall machine. By default, it will be ipfire. If you don’t wish to make any changes, click OK to proceed.
- In this step enter the domain name. It should be a valid domain name. If you don’t have one, we can define it later on. Now, click OK.
- Here, enter the root user password for Command-line prompt. Enter a secure password twice and click OK.
- Now, enter another password which must be different from the one you created for command-line access. This password will be used to log in to the IPFire web administration pages. Enter your password and click OK.
- In this step, I’ll proceed with the network configuration settings of IPFire. Here, select Network Configuration type. I’ll use 2 Ethernet cards in my IPFire Firewall system. The individual network cards have to be configured separately. By default, it will pick the GREEN+RED scheme. This means that it’ll connect to the local and WAN server with Internet access.
- Now, select GREEN+RED for the two network cards and click OK.
- In the network configuration menu, select Drivers and Card Assignments and press OK. This option will help you to select the network which will assign LAN and WAN interfaces.
- Now, select GREEN and press SELECT to enable an interface for the two network cards.
- Now repeat the same step for the RED interface and press DONE.
- Here, select Address Settings from the menu and click OK. In this step, I’ll assign the IP Addresses for the network interfaces. Because there are two interfaces, I’ll be assigning a different IP for both from varied sub-nets.
- Select GREEN and click OK. You’ll receive a warning. Click OK to proceed. Provide the localhost IP for Green which is 192.168.1.1 and click OK.
- Select RED and click OK. Now here, click DHCP to get the IP address from the ISP provider or you can enter the IP manually.
- After selecting DHCP, press OK and then click DONE.
- Now, select DNS and Gateway Settings and press OK.
- Here, you can configure your DNS and gateway settings. For ease of user, it is better suited to leave them blank and click OK.
- Press DONE to exit from the DNS settings.
- In this step, I’ll take you through the DHCP configuration process. Here, I need to configure these settings for the GREEN interface. DHCP pool range will be from 192.168.1.2 to 192.168.1.100
For instance, if I assign the IP address 192.168.0.100 for RED, I will have to use a different IP for the GREEN one. In this guide, I’ll be using DHCP for the RED interface.
First, enable the DHCP configuration, then enter the following information if you’re unsure what to do:
- Start address: 192.168.1.2
- End address: 192.168.1.100
- Primary DNS: 192.168.1.1
- Secondary DNS: 22.214.171.124
- Default lease (mins): 60
- Max Lease (mins): 120
- Domain Name Suffix:
Now click OK.
Enter root as admin and your selected password.
If entered correctly, you’ll be able to access the CLI of IPFire easily.
There are multiple features in the IPFire including Advanced Web proxy, Bandwidth Monitoring, Log collector, Memory services, DNS forwarding, DNS server, Update accelerator, Content filtering, Connection scheduler and a lot more.
It’s up to you and your definition of “security” to enable the versatile features and functionality in the popular open-source IPFire Linux Firewall.
How to Setup IPFire Free Linux Firewall: Summary
IPFire Linux Firewall is the best and most effective security solution for any individual or an enterprise network. I hope with this guide you learned how to setup IPFire free Linux firewall for your network as well.
Did you find this tutorial helpful or you have some questions? Drop in your quick comments below and I will try to help you out.
For more such articles, stay connected with Freaksense.>