IqFIRE-wall: a graphical linux firewall for your desktop: installation

• Home
• Console
• Natural Language
• Rule tree
• Rule view
• Statistics
• Installation
  • Installation
  • ubuntu 8.04
  • ubuntu
  • on debian GNU/Linux
  • Configure the firewall
• Help

IqFIRE-wall configuration

In this page some configuration aspects are described and illustrated, to give the user an idea of how much iqfire-wall is configurable.

When iqfire-wall is successfully installed, it is already configured to suite the needs of an average user who does not know much of linux and firewalling. In particular, there are some default policies which:

• allow all the traffic through the local host (the loopback);
• allow the outgoing traffic generated by your host;
• allow in particular the services:
• ftp;
• web browsing;
• http secure (https);
• incoming and outgoing connections to the secure shell (ssh) service;
• Domain Name Service (DNS), to resolve names into internet addresses;

These settings should allow a good compromise between network usability and security. As the user becomes more experienced, he can personalize the firewall adding or removing rules as he likes.

The general configuration page

This configuration page is reached by clicking on the Settings menu entry and choosing Configure the firewall interface. Here one can decide to load the firewall at the moment the desktop is loaded and to startup with the main window shown or hidden. The automatic startup function depends on your desktop manager: Gnome and KDE are supported.

The system tray icon configuration page The iqfire-wall system tray icon offers some interesting features: an animation and a pair of popups that notify various events, such as the arrival of a network packet that the firewall does not know how to treat (there is still no rule to manage it) or the match of a packet with a rule that was marked for notification.
Actually, any rule can be marked for notification and, when a packet matches such a rule, a notification is popped up over the system tray icon.

The documentation and rulesets paths configuration page The files containig the firewall policies can be put wherever you like in your file system. The Firewall Rules section allows you to personalize the place where the firewall looks for the set of rules to load at startup. Remember that this setting requires the software restart.
IQFIRE-wall comes with an interactive help and info system which provides hints and useful pieces of information in association with each element of the user interface (line edits, push buttons, check boxes..). The html files containing the help are usually placed in a default position in the iqfire-wall installation directories, but every user can modify the contents or modify the style of the help files (there are CSS stylesheets associated to the html files) in a directory of his own and tell the software to pick up those files in another folder.
The information/help widgets change their contents when the user moves the mouse over the elements of the graphical interface, but this change takes place after a delay which can be set acting on the Interactive help/info delay spin box at the bottom of the window, that can be modified as the user likes, simply remembering that the values are intended to represent a delay expressed in milliseconds.

The user interface styles configuration page The Qt 4 graphical libraries allow the personalization of the style of each widget by means of a simple stylesheet written as a cascading style sheet document (CSS).
To know how to create personal styles, read the Qt Style Sheets documentation and create your style sheet as you like. Once you have created your css stylesheet, you can add the new style to the list and select it to use it.
You can select one of the Qt default styles too.

The updates notification configuration page This widget allow configuration of the parameters that provide a notification for software updates. If you usually connect to an http proxy to browse the world wide web, then you probably need to setup correctly the Http proxy settings section, providing all the requested parameters to connect to the network http proxy.

The administrator's advanced settings configuration page In this page, which is enabled only for the root user, the administrator can tune the firewall enabling or disabling some important features, like NAT or the grants given to the normal user.
Normally, the default installation of iqfire-wall sets up a configuration which is likely to suite well the needs of the users still fresh to linux firewalling and iqfire-wall.
As usual for all the elements of the user interface of iqfire-wall, move the mouse over the various elements of this window to obtain useful information and some hints on the configuration of this section.