Top 7 open source firewalls to protect your network

Original author: Chandan Kumar
  • Transfer
Data leakage statistics show that every day millions of data are stolen or lost. How secure is your network? Do you use a firewall to protect your network infrastructure? Earlier, I wrote about managed cloud firewalls and received an offer to write about free firewalls or open source firewalls . Here you are!











The following free firewalls are different from web application firewalls . They serve to protect the infrastructure, not the code or application.

1. pfSense


This is an open source kernel security solution based on the FreeBSD kernel. pfSense is one of the leading network firewalls with a commercial level of functionality.

pfSense is available as hardware, a virtual device, and a downloadable source (generic version).



Free you get the general version.

I like their comprehensive documentation , well understood and easy to use. Here are some of the pfSense features mentioned above:

  • firewall - IP / port filtering, connection limiting, link level operation, packet normalization;
  • state table — by default, all rules are in a monitored state, multiple configurations are suitable for processing states;
  • server load balancing - built-in load balancer for its distribution among multiple servers;
  • NAT (network address translation) - port forwarding, reflection;
  • HA (High Availability) - go to the secondary server if the primary fails;
  • multi-WAN (global computer network) - using more than one Internet connection;
  • VPN (virtual private network) - support for IPsec and OpenVPN;
  • creating reports - saving information about the resources used;
  • monitoring - monitoring in real time;
  • Dynamic DNS - includes multiple DNS clients;
  • DHCP Relay support .

More features than some commercial firewalls provide, you get FREE.

Amazing isn't it?

In addition, you also have the option to install packages with just one click.

For example:

  • security - stunner, snort, tinc, nmap , arpwatch;
  • monitoring - iftop, ntopng, softflowd, urlsnarf, darkstat, mailreport;
  • network creation - netio, nut, Avahi;
  • routing - frr, olsrd, routed, OpenBGPD;
  • maintenance - iperf, widentd, syslog-ng, bind, acme, imspector, git, dns-server.

pfSense looks promising and worth trying.

2. IPFire


IPFire is based on Netfilter and is trusted by thousands of companies around the world.



IPFire can be used as a firewall, proxy server or VPN gateway - it all depends on how you configure it. It has great flexibility in settings.

IDS (Intrusion Detection System) is built-in, so attacks are detected and prevented from the very beginning, and with the Guardian add-on you can perform automatic prophylaxis.

You can understand how to work with IPFire in less than 30 minutes. Read more about his features here .

3. OPNSense


OPNSense is a branch of pfSense and m0n0wall. The graphical interface is available in several languages, such as French, Chinese, Japanese, Italian, Russian, etc.



OPNSense has many serious security levels and firewall functions, such as IPSec, VPN, 2FA, QoS, IDPS, Netflow, Proxy, Webfilter, and more .d

It is compatible with 32-bit or 64-bit system architecture and is available for download as an ISO image and USB installer.

4. NG Firewall


Untangle NG Firewall is a single platform where you can get everything you need to protect your organization’s network.



It has a beautiful toolbar, you can try the demo version here . It works as an app store, where you can launch or disable individual applications (modules) according to your needs.

In the free version you get access to the NG Firewall platform itself, free applications and a 14-day trial version of paid features.

5. Smoothwall


Smoothwall express is a free solution with a simple web interface for configuring and managing a firewall.



Smoothwall express supports LAN (local area network), DMZ (demilitarized zone), internal and external network firewall, web proxy for acceleration, traffic statistics, etc.
Shutting down or rebooting is possible directly through the web interface.

Note: The following two programs are for Linux servers only.

6. ufw


ufw (simple firewall) works with Ubuntu. It uses the command line interface to manage the Linux kernel packet filtering system (Netfilter).

7. csf


csf (ConfigServer security) has been tested and is supported on the following OS and virtual servers:

  • RHEL / CentOS
  • CloudLinux
  • Fedora
  • OpenSUSE
  • Debian
  • Ubuntu
  • Slackware
  • Openvz
  • KVM
  • Virtualbox
  • XEN
  • VMware
  • Virtuozzo
  • UML

csf is a firewall with connection state monitoring, logon detection and security for Linux servers.

I hope that the above free firewall solutions will help you save money and protect your infrastructure from being hacked .


LOOKING.HOUSE - on the project collected more than 150 points looking glass in 40 countries. You can quickly execute the host, ping, traceroute, and mtr commands.



Also popular now: