Request for feedback (Firewall newb)

Hehey Folks, its me again. :slight_smile:

I need some feedback, cause i’m not a specialist in the deep with Firewalling.
In my personal life, i have no one who can help me (i’m the only it-dude around my freinds), but the case is a firewall and i have to understand, what’s good and what are “dont’s” and why is it wrong or good to do it so, or so.

So please if someone take his time to read my conf and let me know, why i’m a complete idiot :wink: i would be really apriciate it.

Warm regards

Andi / Yog

Hi @yog.
First of all, you may need to know what do you expect the firewall to do. Certainly there a good and bad practices, which are not vendor specifics, and applies to all.
Sure in internet, you may search and find lot of information about good and bad practices.
If you are a newbie, for start I would suggest a classic and permissive firewall (not zone based)… Accept all, and then start blocking some specific traffic (I guess this is lab, no production). And as you gain knowledge, you may apply different rules based on Ip addresses, ports, connection states…
Always remember that firewall rules are processed in order.

1 Like

Hey n.fort
Thanks for your reply, yes i know some basics and this in my conf ist the basic and if this base settings are ok, i can go further.
But i’m not really sure if there is a “lack” cause of my knowledge, and if there is a “lack” i need to know and why, OR where i can read about the cause of the “lack”.

If i dont see an “lack”, i can not search about the “lack”, but there can be one. :slight_smile:
Firewalls are really tricky and what i already learn was: you don’t need bfd and fail2ban on the same machine and same port. hehe that can cause funny behavior. :wink:

this in my conf ist the basic and if this base settings are ok, i can go further.

Did you test your config? Best way, and maybe the only way to know if your firewall rules are OK, is testing it.
As said before, before designing firewall rules, you need to know what do you want to permit, and what do you want to forbid, and how you can tests all those requirements.
After those tests, you may know if its ok or not.

I guess you just expected an answer “Thats OK”, or “check this line”, but it’s not that easy to say, if rules are not tested.
If there’s a particular rule or configuration that is not working for you, then explain what you want to do, how did you try to achieve that goal, and if you have no success, then we are here to help!

@yog I’m not sure what your level of expertise and experience is with Firewalls in general, but if you’re just getting started, you may find the free CompTIA certification video training available at professormesser.com valuable.

Here’s his 19 minute overview of firewalls. (vendor-neutral)