Which software firewall to use on servers

do you use firewalls on servers?

servers are usually behind router/firewall at home, so you can avoid firewall on server.
but if you have VPS in cloud then server is reachable from internet, it has static IP.

also I think that firewall should be running on home server too. you never know which member of family get some virus / malwatre on his device :wink:

I am runnig mix of services on my home servers, some of them are running in docker container. And managing docker networks with firewall is sometimes bit complicated.

I am using shorewall but thinking about change to firewalld.

what do you think?

I use ufw, it works with both my Ubuntu & Debian servers.

1 Like

Layered protection always. When it comes to security and the inner sanctum of your network it pays to let, as the old tune says, “paranoia runs deep.” I would second Tom’s recommendation of UFW.

ok, I decided to go with firewalld, it is using nftables in background.

but docker still want to use iptables and did mix those two, but finally I did find way what todo.
thanks to following post

If using Docker with Ubuntu or other distribution that uses iptables, you’ll need to be cognizant of where the Docker daemon writes its rules. iptable rules are matched from top down and usually docker inserts its own rules (or chain) at or very near the top of the ruleset, effectively bypassing other lower rules. Just something to be aware of.