Every computer user that uses the internet should have a default firewall configureation that is safe
Most distributions of GNU-Linux and Unix systems come with no firewall enabled at all!
Begining users may not know what to do and many intro scripts are either too lax and liberal or too convoluted to understand.
Running this script endwall.sh right after system installation gives a new user a strong firewall configuration.
Easily customizable to the user's networking needs as they grow, with the minimal effort of simply editing a text file.
There are several branches available including for iptables, nftables and even OpenBSD PF.
Give it a try, we know you'll like it!
These files, scripts and configurations were developed by Endwall, of the Endware Development Team
endwall.sh is the original iptables firewall, and works with endlists.sh, endsets.sh for a full featured firewall system.
endwall_wifi.sh is a version of endwall.sh that allows for wifi interfaces and works well on laptops with wifi.
endwall_raspi.sh is an iptables version of endwall_wifi.sh that is tuned for a Rapspberry pi 4 on raspbian 10.
endwall_nft.sh is a netfilter tables (nft) translation of endwall.sh and has been tested working on Debian 11
endwall_nft_wifi.sh is a wifi branch based on endwall_nft.sh and the design of endwall_wifi.sh
endwall_nft_raspi.sh is a wifi enabled version of endwall_nft_wifi.sh tuned for a Raspberry pi 4 on Raspbian 11.
endwall_pf.sh is a translation of endwall.sh for pf developed and tested on OpenBSD 7.1 ,
Read the headers for operational instruction, which is generally, change permisions to execute, then run the file.
Read and modify the file before running it to make sure it is to your liking.
$ ./endwall.sh --help
$ chmod u+wrx endwall.sh
$ ./endwall.sh --help
$ ./endwawll.sh # enable the firewall
$ ./endwall.sh --open # disable the firewall
$ chmod u+wrx endwall_pf.sh
$./endwall_pf.sh --help
$./endwall_pf.sh # enable the firewall
$./endwall_pf.sh -d # deactivate the firewall
$ chmod u+wrx endwall_nft.sh
$./endwall_nft.sh --help
$./endwall_nft.sh # enable the firewall
$./endwall_nft.sh --open # deactivate the firewall