Hey fedi 
Does anyone know a good open-source firewall for a Linux server with an admin panel in web or TUI?

I want to see recent TCP & UDP connections, preferably some info about their contents (e.g. compute JA4 fingerprint for TLS, extract domain from DNS request) and be able to immediately block by source/dest IP subnet, ASN, GeoIP, maybe even by JA4.

I guess I can just google it but I want to hear your recommendations. A firewall is high-privileged software that has to be trusted anyway.

Thank you 

#askfedi #linux #selfhosted #infosec #firewall

@darkcat09 the best I know is cockpit + firewalld + nftables but that does not fit your logging requirements afaik.

Overall that sounds like you need a firewall with deep packet inspection, the basic Linux tools won't do for that.

Well, for just tracing stuff like that, in theory one could use Wireshark, but that may not be practical depending on the volume of requests.