I tried installing pfSense earlier but I saw zero point in doing so, and skipped it very soon. I want to use a firewall at my home. Why should I use a firewall? What are the benefits? Since I can block port access via the Linux firewalld (on Rocky 9), why do I need another firewall software? I am genuinely concerned about learning firewalls because I get asked about networking concepts time and again. I want to find a use case so I can learn in a hands-on way.
The beginnings of an answer
To have a secure network that is also fast.
Think about it the other way around: you will be exposed on the Internet to countless threats and bad people, and sooner or later you will have those systems exploited because they are not designed to be out in the open Internet.
A firewall really isn’t optional.
If you have only one device in your local network, you can do the firewalling, security, … on your personal system. That’s true. But
- if you add more devices, you have to do this on all systems;
- you are on your own in selecting security mechanisms; with IPFire there is a great community with you;
- the IPFire device is a dedicated system and runs independently of the OS and programs on your personal computer(s).
This is a great question, Jungroo. And it applies to small family networks as well. I think we could work toward richer answers, even in circumstances where one is not running any Internet servers or not yet supporting remote access. People will say “Well, the ISP gives you a firewall in their modem, why waste your time?” I have a sense of multiple different important benefits for putting IPFire between us and the world. But I’d like to see a really good document on this.
Hello everyone,
I held a presentation back in 2016 called “A firewall in every home”.
It was intended to raise awareness among people about protecting their home networks:
- local logging;
- personal rules for allowed programs that are external to your computer;
- add-ons for customizations;
- filters for control of content;
- control of DNS servers;
- speed;
- offloading CPU usage to another computer;
- etc.
A firewall is only one part of a security concept. It can be used to implement rules that you have previously defined. What do you want to protect yourself from? For example, how should IP traffic flow? The difference between a firewall and an ordinary Internet router such as a FritzBox, which usually also blocks all incoming Internet traffic unless you allow a certain type of traffic with port forwarding, is the ability to control all IP traffic. The approach here is to allow only the outgoing IP traffic that is really needed, at the IP address and UDP/TCP port level. Even the better Internet routers with configurable packet filters can do this, such as Mikrotik’s hEX series, or even end-user routers flashed to OpenWRT. The key to a real firewall or UTM appliance is also the ability to look into the IP traffic. This is implemented with proxies or application layer gateways running on the firewall.
In a business environment, this is practically mandatory, even though my practice shows again and again that routers provided by the Internet provider are used in companies. With such routers it is not possible to control the company network and IP traffic.
So there is no general answer to the question of whether you need a firewall at home. However, a person interested in computer technology usually wants to have a dedicated firewall.
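The post above describes the difference between a consumer router (drop unsolicited inbound, allow all outbound) and a real firewall (allow only the outbound traffic that is actually needed, per destination address and UDP/TCP port). The following nftables ruleset is an added example written for this thread, not code from IPFire or from the poster; it shows what that egress allowlist looks like on a dedicated two-interface Linux box such as Rocky 9 (firewalld uses nftables underneath). The interface names `lan0`/`wan0`, the LAN prefix `192.168.10.0/24`, the resolver addresses, the internal host `192.168.10.10` and the mail relay `203.0.113.25` are all assumptions for illustration. It also pins DNS to chosen resolvers and logs denied egress locally, two of the benefits listed earlier in the thread.

```nft
#!/usr/sbin/nft -f
# Added example (not from the original thread or IPFire): egress-filtering
# ruleset for a dedicated firewall box with two interfaces.
# Assumed (hypothetical) names and addresses:
#   lan0 = inside, 192.168.10.0/24;  wan0 = ISP side
#   192.168.10.10 = one internal host allowed to reach an assumed mail relay
#   203.0.113.25  = assumed mail relay;  RESOLVERS = assumed upstream DNS
# IPv4 only: in an "inet" table, "ip daddr" never matches IPv6, so any IPv6
# forwarding falls through to the drop policy until rules are added for it.

flush ruleset

define LAN_IF    = "lan0"
define WAN_IF    = "wan0"
define LAN_NET   = 192.168.10.0/24
define RESOLVERS = { 9.9.9.9, 149.112.112.112 }

table inet fw {
    chain input {
        type filter hook input priority filter; policy drop;
        iif lo accept
        ct state established,related accept
        ct state invalid drop
        # Management, DNS and DHCP are offered to the LAN side only
        iifname $LAN_IF tcp dport 22 accept
        iifname $LAN_IF udp dport { 53, 67 } accept
        iifname $LAN_IF tcp dport 53 accept
        iifname $WAN_IF icmp type echo-request limit rate 5/second accept
        # As on a consumer router, nothing else from WAN reaches the box.
    }

    chain forward {
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        ct state invalid drop
        # This is the part a consumer router lacks: LAN -> WAN is NOT
        # allowed wholesale; it must pass the egress allowlist below.
        iifname $LAN_IF oifname $WAN_IF ip saddr $LAN_NET jump lan_egress
        # Anything else (e.g. WAN -> LAN without a state entry) is dropped.
    }

    chain lan_egress {
        # DNS only to the resolvers we chose; clients cannot pick their own
        ip daddr $RESOLVERS udp dport 53 accept
        ip daddr $RESOLVERS tcp dport 53 accept
        # Web (HTTP, HTTPS, QUIC)
        tcp dport { 80, 443 } accept
        udp dport 443 accept
        # Time
        udp dport 123 accept
        # Exactly one host may submit mail, and only to the assumed relay
        ip saddr 192.168.10.10 ip daddr 203.0.113.25 tcp dport 587 accept
        # Everything not matched above (SMB, RDP, foreign DNS, random high
        # ports, malware call-backs) is logged locally and dropped.
        limit rate 10/second log prefix "fw-egress-deny: "
        drop
    }

    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname $WAN_IF masquerade
    }
}
```

Check the syntax without loading it with `nft -c -f egress.nft`, then apply with `nft -f egress.nft` and watch `journalctl -k | grep fw-egress-deny` to see which outbound connections your devices actually attempt; that log is usually the quickest way to learn which ports a home network really needs. This covers only the packet-filter layer the post mentions; the proxy or application-layer-gateway inspection it describes as the distinguishing feature of a UTM is a separate component, not expressible in nftables rules.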
Is this an AI?
Looking into IP traffic, called MITM, is not allowed in all countries. Germany, for example!
Then we are reducing every UTM to a mere packet filter. By the way, virus scanners do the same thing. Almost every Windows virus scanner I know installs a trusted certificate on the computer, which is used to check the browser’s HTTPS traffic. Either everyone quietly accepts this, or it only applies in the sense that no Internet provider is allowed to use DPI. But it would also be noticeable, because my browser would display an SSL error if the provider delivered its own certificate for Google, for example.
In corporate networks, it is common for DPI to be used and for computers to be equipped with the UTM certificate via the Windows domain using GPO.
These are two different use cases.
- DPI on the end device is okay, and necessary (virus scanners, for example).
- DPI in the UTM system may not be allowed, especially for encrypted traffic.
In corporate networks DPI may be allowed, if the fact is known to and accepted by all users of the network.
This makes it a bit difficult for BYOD and guest access. Either the accept page is not really transparent or access by unknown devices isn’t possible.
The fact that it is used broadly doesn’t legalize it.