How To Setup Home Application Firewall using Portmaster

In this era of sophisticated data theft and other cyber attacks, firewalls have become even more important components in a network. It helps prevent attackers from gaining unauthorized access to data, emails, systems etc. They can prevent malicious and unwanted traffic from entering your environment.

As a system admin, you probably have interacted with many firewall systems such as Sophos, Fortinet, pfSense, Palo Alto Networks, ZoneAlarm, SonicWall etc. In this guide, I will introduce to you another cool tool that can be used to set up an application firewall in your environment.

What is Portmaster?

Portmaster is a free and open-source tool that can be used to set up a home application firewall with ease. This tool does the lifting for you and helps you restore privacy and take full control over your network. It is able to improve your privacy greatly using the defaults. If you are interested in more advanced configurations, Portmaster is able to handle that as well.

Postmaster provides a lot of features and benefits that include:

• The ability to Monitor All Network Activity: You are able to discover all that is happening in your computer expose all the connections your app makes and detect the malicious ones.
• Auto-Blocking Trackers & Malware: It is able to block ads, trackers and malware on your host. It is configured to do this by default, using trusted filter lists which are also used by Ad-Blockers, etc. The defaults can easily be changed on demand.
• Secure Your DNS by Default: Portmaster can also be used to hide the DNS requests by automatically securing and re-routing the DNS queries to a DNS-over-TLS provider of your choice.
• Explore the Docs and Source Code: There is an open source code for Portmaster with well-written documentation for users.
• Create custom rules: Portmaster comes with great defaults. However, this shouldn’t limit you from creating custom rules for your environment. The rules can be tweaked to fit your needs and threat model.
• Set Global & per‑App Settings: You can easily cut off apps from the internet, or simply block all p2p connections globally and allow them for specific apps. You can also set geo-restrictions etc.

Follow the below steps to learn how to set up a Home Application Firewall using Portmaster.

Install Portmaster on your system

Portmaster offers binaries for Windows and Linux-based systems. They can be downloaded from the Portmaster downloads page.

You can also use wget to pull the installer package for your system with the command:

##For Debian/Ubuntu
wget https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer.deb

##For Fedora/CentOS/Rocky Linux/Alma Linux
wget https://updates.safing.io/latest/linux_amd64/packages/portmaster-installer.rpm

##For Windows
wget https://updates.safing.io/latest/windows_amd64/packages/portmaster-installer.exe

Once the installer has been downloaded, you can proceed and install Portmaster.

On Windows, you need to execute the EXE package and follow the installation steps to the end. You will need to reboot the system since complete.

On Linux, execute the installer with the command:

##For Debian/Ubuntu
sudo apt install ./portmaster-installer.deb

##For Fedora/CentOS/Rocky Linux/Alma Linux
sudo yum install ./portmaster-installer.rpm

On Arch/Manjaro and EndeavourOS, you can install Portmaster straight from AUR by executing the command:

sudo pacman -S portmaster-stub-bin

You can also use the generic installer for any Linux distro with:

curl -fsSL https://updates.safing.io/latest/linux_all/packages/install.sh | sudo bash

Once the installation is complete, a system reboot is recommended.

sudo reboot now

Access And Use PortMaster

Once installed successfully, you can launch and use Portmaster from the App Menu.

Portmaster will start with the below interface.

Ensure the service is started by clicking on the button shown above.

You might need to make a few customizations to the default profile

Make the customizations as desired.

Enable DNS security.

Finish the configuration.

Now the Portmaster dashboard will appear as shown.

This is how a free version looks, you can enable more features by purchasing the license.

Now just to demonstrate, let me show you how you can block or allow traffic through an app with Portmaster. To achieve that, navigate to the apps tab.

Select the app which you want to protect. For this case, we want to block traffic to sssh. By clicking on SSHD, you will see this page.

Here, you can see the connections and those blocked. For now, we have SSH connections allowed

In the settings tab, you can block traffic as desired.

Now SSH traffic will be blocked as configured. You can set more rules to block the traffic as per your needs.

From this example, you can proceed and make many other firewall configurations in your network. See more in the Portmaster documentation

Conclusion

This is the end of the guide on how to Set up a Home Application Firewall using Portmaster. The guide has only covered a simple example of how to manage traffic in the environment. Feel free to explore more on your own. I hope this was informative.

See more:

• Install and use Firewalld on Ubuntu 22.04|20.04|18.04
• Common UFW Firewall Commands With Examples
• How To open a port in Windows Server Firewall
• Install and Use CSF Firewall on RHEL / CentOS 8/7