{{Header}} {{#seo: |description=General information about {{project_name_gateway_long}} firewall. How-To: Changing firewall settings and Open a Port in {{project_name_gateway_long}} Firewall. |image=Firewall146529640.png }} [[File:Firewall146529640.png|thumb]]
* [[Whonix-Gateway Firewall]] * [[Whonix-Workstation Firewall]]
{{intro| General information about {{project_name_gateway_short}} firewall. How-To: Changing firewall settings and Open a Port in {{project_name_gateway_short}} Firewall. }} = Introduction = {{project_name_long}} has an iptables rules script and firewall configuration file for both {{project_name_gateway_short}} and {{project_name_workstation_long}}. {{project_name_gateway_short}} firewall features include: https://github.com/{{project_name_short}}/whonix-firewall
* transparent proxying * stream isolation * reject invalid packages * fail closed mechanism * optional VPN-Firewall * optional isolating proxy * optional incoming flash proxy * optional Tor relay
The firewall should not be removed unless you no longer wish to use {{project_name_short}}. = {{project_name_gateway_short}} Firewall Settings = {{Box|text= '''1.''' {{Firewall_Settings_Gateway}} '''2.''' Add setting. '''3.''' Save. '''4.''' {{Reload_Firewall}} '''5.''' Done. The procedure is complete. }} = How-to: Open an Incoming Port on {{project_name_gateway_short}} Firewall = == From the Outside == {{Firewall_Custom}} '''Host{{project_name_gateway_short}} '''InternetHost{{project_name_gateway_short}} This will allow an incoming connection on {{project_name_gateway_short}} originating from: * if using VM: the host. * if using physical isolation: the Internet. {{Box|text= '''1.''' {{Firewall_Settings}} '''2.''' Add. Replace 80 with the actual port you would like to open. {{CodeSelect|code= EXTERNAL_OPEN_PORTS+=" 80 " }} '''3.''' Save. '''4.''' {{Reload_Firewall}} '''5.''' Done. The procedure is complete. }} == For Connections Originating from {{project_name_workstation_short}} == {{Firewall_Custom}} '''{{project_name_workstation_short}}{{project_name_gateway_short}}''' This will allow incoming connections from {{project_name_workstation_short}} to {{project_name_gateway_short}}. It might be useful for [[Tor#Additional_SocksPorts|Tor additional SocksPorts]]. ('''{{project_name_workstation_short}}{{project_name_gateway_short}} → Tor SocksPort''') {{Box|text= '''1.''' {{Firewall_Settings}} '''2.''' Add. Note: Replace 9230 with the actual port you would like to open. https://forums.whonix.org/t/internal-open-ports-setting/11404/1 {{CodeSelect|code= INTERNAL_OPEN_PORTS+=" 9230 " }} '''3.''' Save. '''4.''' {{Reload_Firewall}} The procedure is complete. }} = See Also = * [[Ports|Open a Port(s) in {{project_name_short}} and Port Forwarding]] * [[Configuration_Files#Configuration_Drop-In_Folders|{{project_name_short}} Configuration Drop-In Folders]] * https://github.com/Whonix/whonix-firewall/blob/master/etc/whonix_firewall.d/30_whonix_gateway_default.conf * https://github.com/Whonix/whonix-firewall/blob/master/usr/bin/whonix-gateway-firewall * https://github.com/Whonix/whonix-firewall * [[{{project_name_workstation_short}}_Firewall|{{project_name_workstation_short}} Firewall]] * [[Install_Software#Whonix-Workstation_is_Firewalled|{{project_name_workstation_short}} is Firewalled]] * [[Redirect_Whonix-Workstation_Ports_or_Unix_Domain_Socket_Files_to_Whonix-Gateway|Redirect Whonix-Workstation Ports or Unix Domain Socket Files to Whonix-Gateway]] = Footnotes = {{reflist|close=1}} {{Footer}} [[Category:Documentation]]