Difference between revisions of "Firewalls (Italiano)"

From ArchWiki
Jump to: navigation, search
(gShield: tranlated)
(Firehol: translated)
Line 51: Line 51:
[http://firehol.sourceforge.net/ FireHOL] is a language to express firewalling rules, not just a script that produces some kind of a firewall. It makes building even sophisticated firewalls easy - the way you want it. The result is actually iptables rules.
[http://firehol.sourceforge.net/ FireHOL] é un linguaggio per esprimere le regole del firewall, non solo uno script che produce qualche tipo di firewall. Rende facile costruire anche un sofisticato firewall come si desidera.
{{Codeline|firehol}} is available in the community repository.
{{Codeline|firehol}} è disponibile nel reopsitory {{Codeline|comminity}}

Revision as of 17:18, 2 October 2011

Tango-preferences-desktop-locale.pngThis article or section needs to be translated.Tango-preferences-desktop-locale.png

Notes: please use the first argument of the template to provide more detailed indications. (Discuss in Talk:Firewalls (Italiano)#)

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.

Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어

External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

Un firewall é un sistema destinato a prevenire accessi non autorizzati ad una rete privata (che può essere anche una singola macchina) o provenienti da essa. Il firewall può essere realizzato mediante hardware, software o da una combinazione. I firewall sono frequentemente impiegati per impedire ad utenti di internet non autorizzati di connettersi a reti private collegate con internet, specialmente reti intranet. Tutti i pacchetti in entrata ed in uscita dalla intranet passano attraversano il firewall che esamina ogni pacchetto e ne permette l'ingresso, ne permette il transito, oppure lo nega ai pacchetti in base a criteri di sicurezza specificati.

Si può trovare una buona lista di firewalls quì. Ed un confronto tra alcuni firewall quì.

Ci sono molti post nei forums riguardo alle differenti applicazioni firewall e scripts, così sono stati riuniti qui in un'unica pagina - perfavore aggiungete i vostri commenti riguardo ad ogni firewall, specialmente facilità d'uso e controlli di sicurezza in Shields Up

Note: Checks at Shields Up are only a valid measure of your router should you have one in the LAN. To accurately evaluate a software firewall, one needs to directly connect the box to the cable modem.


The Linux kernel itself has very powerful firewall called iptables. Other firewalls are usually just frontends.

See the iptables article for more information.

More info:

iptables front-ends

Arno's Firewall

Arno's IPTABLES Firewall Script is a secure firewall for both single and multi-homed machines.

The script:

  • EASY to configure and highly customizable
  • daemon script included
  • a filter script that makes your firewall log more readable


  • NAT and SNAT
  • port forwarding
  • ADSL ethernet modems with both static and dynamically assigned IPs
  • MAC address filtering
  • stealth port scan detection
  • DMZ and DMZ-2-LAN forwarding
  • protection against SYN/ICMP flooding
  • extensive user definable logging with rate limiting to prevent log flooding
  • all IP protocols and VPNs such as IPSec
  • plugin support to add extra features.


ferm (which stands for "For Easy Rule Making") is a tool to maintain complex firewalls, without having the trouble to rewrite the complex rules over and over again. ferm allows the entire firewall rule set to be stored in a separate file, and to be loaded with one command. The firewall configuration resembles structured programming-like language, which can contain levels and lists.


FireHOL é un linguaggio per esprimere le regole del firewall, non solo uno script che produce qualche tipo di firewall. Rende facile costruire anche un sofisticato firewall come si desidera.

Template:Codeline è disponibile nel reopsitory Template:Codeline


Firetable is an iptables-based firewall with "human readable" syntax.

Template:Codeline is available in AUR.


gShield è un sistema semplificato di configurazioni per iptables. (Non ha niente a che fare con GNOME) Semplice da configurare, blocca tutto ciò che non è necessario(o quasi) di default. Viene gestito mediante un unico file di configurazione. Risultando completamente sicuro su grc.com .

Template:Codeline é disponibile su AUR.


  • Facile da configurare,
  • Solo un file di configurazione,
  • Ti da la configurazione di iptables, che é il miglior firewall.


  • Non ha una GUI


Il Shoreline Firewall, più comunemente conosciuto come "Shorewall", é un'utilità di alto livello per configurare Netfilter. Descrivi le richieste del tuo firewall/gateway utilizzando entrate (using entries) in un set di files di configurazione. Shorewall legge questi file di configurazione e con l'aiuto di iptables utility, configura Netfilter per incontrare le tue richieste. Shorewall può essere usato su un sistema firewall dedicato, un gateway/router/server multifunzione o su un sistema GNU/Linux singolo. Shorewall non usa il (Netfilter's ipchains compatibility mode) e può quindi avvantaggiarsi del tracking dello stato delle connessioni fornito da Netfilter.

Template:Package Official è disponibile nel reopsitory Template:Codeline.


ufw (uncomplicated firewall) is a simple frontend for iptables and is available in [community].

See Uncomplicated Firewall for more information.


Vuurmuur Vuurmuur is a powerful firewall manager built on top of iptables. It has a simple and easy to learn configuration that allows both simple and complex configurations. The configuration can be fully configured through an ncurses GUI, which allows secure remote administration through SSH or on the console. Vuurmuur supports traffic shaping, has powerful monitoring features, which allow the administrator to look at the logs, connections and bandwidth usage in realtime.

Template:Codeline and is available in AUR.

iptables GUIs


Firestarter is a good GUI for iptables writen on GTK2, it has the ability to use both white and black lists for regulating traffic, it is very simple and easy to use, with good documentation available on their website.

Firestarter has gnome dependencies and is available in AUR.


Guarddog is a really easy to use GUI for configuring iptables. After setting up a basic desktop configuration it passes all Shields Up tests perfectly.

Guarddog requires kdelibs3 and is available in the AUR repository.

To have the firewall settings applied at bootup you must run /etc/rc.firewall from inside /etc/rc.local or something similar.

Uncomplicated firewall frontends

See Uncomplicated_Firewall#GUI_frontends.


KMyFirewall is KDE3 GUI for iptables.

Firewall editing capabilities are simple enough to use to be suitable for beginners, but also allow for sophisticated tweaking of the firewall settings.

KMyFirewall requires kdelibs3 and is available in AUR.

Firewall Builder

Firewall Builder is "a GUI firewall configuration and management tool that supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA) and Cisco routers extended access lists. [...] The program runs on Linux, FreeBSD, OpenBSD, Windows and Mac OS X and can manage both local and remote firewalls." Source: http://www.fwbuilder.org/

Template:Codeline is available in the Template:Codeline repository.