There are two ways of using EasyWall: from command line (just some basic commands) and from a GUI
From command line, the user has three commands, that can be invoked using easywall COMMAND. The available commands are:
This is the main window. The programs available are divided into nine cathegories:
EasyWall can check if a program is installed or not in the system, so if you don't have aMSN installed, you won't see its entry in EasyWall. That means too that the template for a program (like BitTorrent) must be modified and copied with another name to be used with a similar program (like Azureus).
By marking the checkbox located at the right, you allow that program to be accessed from the Internet, and by unchecking it you disallow it. The changes are applied only when you click the Apply button, so if you change the status but close the window without applying them, you will loose them.
The button at the upper part allows to start and stop the firewall.
The programs showed in black have fixed ports. Double-clicking them or pressing the Edit button will show you the port list, but you won't be able to modify them.
But the programs showed in blue have, at least, one editable port. You can modify its values to adjust them to your configuration.
Is possible that EasyWall doesn't contain a template for a specific program. That's why it allows to define new templates in an easy way. Just clicking the Add button will show this window:
Here is possible to set a program's name and add and remove TCP and UDP ports (when pressing the Edit button with an user-defined template selected, EasyWall shows this window too).
To add a port (or a port range), just click the Add button, and EasyWall will show this window:
Here, first you choose the port type (TCP or UDP), and then, if want to add a single port, choose its value. But if you want to add a range of ports, just choose Port range instead and set the first and last ports.
The user defined programs will be shown only at the User defined tab, and only these templates can be deleted.
The default firewall template is sufficient for the average user, but is possible that someone wants to modify it to add other things, like NAT, or limit the closed ports to one interface. That's why EasyWall allows to modify the base template that uses to generate the firewall script. To do so, just choose Edit->Preferences, and you will see this window:
Here you can change the template used to generate the firewall script. There are two important keywords here:
The next tab contains the IPTables templates, which defines the iptables commands to be used in each line of the [IPTABLES_LINES] list. The first one is used for TCP and UDP ports, and recognices three keywords:
The second one is used for ICMP packets, and recognices two keywords:
The last tab contains the MODPROBE template, which defines the command to use to load a kernel module. It recognices two keywords:
An interesting thing is that, if you make a mistake, you can always return to the original templates just clicking the Restore templates button. This ensures that you will have always a valid firewall.