🔥 Firewall Fundamentals – A Complete Beginner’s Guide (Windows & Linux)

 



In today’s digital world, protecting your system is just as important as locking your house. Just like a security guard monitors who enters and exits a building, a firewall monitors network traffic entering and leaving your device.

In this blog, you’ll learn:

  • What a firewall is

  • Types of firewalls

  • Firewall rules and actions

  • Windows Defender Firewall basics

  • Linux firewall utilities (ufw, iptables, nftables)

  • Answers to key questions (before conclusion)



🔐 What Is a Firewall?

A firewall is a security solution that inspects incoming and outgoing network traffic and decides whether to allow or block it based on predefined security rules.

It acts as a protective barrier between:

  • Your internal system/network

  • The external internet

Its main purpose is to prevent unauthorized access while allowing legitimate communication.


🧱 Types of Firewalls

Firewalls operate at different layers of the OSI model. Let’s explore the most common ones.


1️⃣ Stateless Firewall


Key Features:

  • Works on OSI Layer 3 & 4

  • Filters packets based on predefined rules

  • Does NOT track previous connections

Pros:

  • Fast processing

  • Good for high-speed networks

Limitation:

  • Cannot apply complex logic based on connection history


2️⃣ Stateful Firewall


Key Features:

  • Operates on OSI Layer 3 & 4

  • Maintains a state table

  • Tracks connection history

Advantages:

  • Smarter filtering

  • Automatically allows packets belonging to established connections

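A stateful firewall is generally more secure than a stateless one, because it can tell packets that belong to an established connection apart from unsolicited ones.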


3️⃣ Proxy Firewall (Application-Level Gateway)


Key Features:

  • Works on OSI Layer 7

  • Inspects packet content

  • Hides internal IP addresses

  • Provides content filtering

Ideal for inspecting application-level traffic.


4️⃣ Next-Generation Firewall (NGFW)


Key Features:

  • Works from Layer 3 to Layer 7

  • Deep Packet Inspection (DPI)

  • Intrusion Prevention System (IPS)

  • SSL/TLS decryption

  • Heuristic threat analysis

This is the most advanced firewall type used in enterprise networks.


⚙️ Firewall Rules and Components

Every firewall rule contains:

  • Source Address – Origin IP

  • Destination Address – Target IP

  • Port – Communication port

  • Protocol – TCP/UDP

  • Action – Allow, Deny, or Forward

  • Direction – Inbound, Outbound, Forward


🎯 Types of Firewall Actions

✅ Allow

Permits traffic that matches the rule.

❌ Deny

Blocks traffic completely.

🔁 Forward

Redirects traffic to another internal system.


🔄 Direction of Rules

📥 Inbound

Applies to incoming traffic.

📤 Outbound

Applies to outgoing traffic.

🔀 Forward

Redirects traffic within networks.
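To make the rule components and the stateless/stateful difference concrete, here is a small packet-filter model. It is an added example, not code from any real firewall: the class names, the sample policy, the host address 192.168.13.10 and the remote address 203.0.113.5 are constructed, and connection teardown and TCP flags are ignored to keep it short.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    direction: str  # "inbound" or "outbound"
    protocol: str   # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    direction: str
    protocol: str
    source: str       # CIDR; "0.0.0.0/0" means any
    destination: str  # CIDR
    port: int         # destination port; 0 means any
    action: str       # "allow" or "deny"

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction and self.protocol == p.protocol
                and self.port in (0, p.dport)
                and ip_address(p.src) in ip_network(self.source)
                and ip_address(p.dst) in ip_network(self.destination))

class Firewall:
    def __init__(self, rules, stateful, default="deny"):
        self.rules, self.stateful, self.default = rules, stateful, default
        self.state = set()  # state table of flows this firewall has allowed

    def decide(self, p: Packet) -> str:
        reply_to = (p.protocol, p.dst, p.dport, p.src, p.sport)
        if self.stateful and reply_to in self.state:
            return "allow"  # reply belonging to an established connection
        for rule in self.rules:  # first matching rule wins
            if rule.matches(p):
                if self.stateful and rule.action == "allow":
                    self.state.add((p.protocol, p.src, p.sport, p.dst, p.dport))
                return rule.action
        return self.default  # nothing matched: fall back to default deny

# Constructed sample policy; 192.168.13.7 is the allowed IP from the answers.
RULES = [
    Rule("inbound", "tcp", "192.168.13.7/32", "0.0.0.0/0", 22, "allow"),
    Rule("inbound", "tcp", "0.0.0.0/0", "0.0.0.0/0", 22, "deny"),
    Rule("outbound", "tcp", "0.0.0.0/0", "0.0.0.0/0", 443, "allow"),
]
```

With the same rules, the stateless firewall drops the reply to its own outbound HTTPS request because no inbound rule covers it, while the stateful one allows that reply from its state table and still denies unsolicited inbound packets.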


🪟 Windows Defender Firewall Overview


Windows Defender Firewall is Microsoft’s built-in firewall available in Windows OS.

Network Profiles:

  • Private Network – Home network settings

  • Public Network – Coffee shops, public WiFi

Key Features:

  • Enable/Disable firewall

  • Allow or block specific applications

  • Create custom inbound/outbound rules

  • Restore default settings

Example:
You can block outgoing HTTP (port 80) and HTTPS (port 443) traffic using custom outbound rules.


🐧 Linux Firewall Utilities

Linux firewalls are built on Netfilter, the packet-filtering framework in the Linux kernel.

Let’s explore common utilities:


🔹 iptables

  • Widely used firewall utility

  • Built on Netfilter

  • Advanced rule configuration


🔹 nftables

  • Successor to iptables

  • Improved packet filtering

  • Better performance and flexibility


🔹 firewalld

  • Zone-based firewall management

  • Uses predefined rule sets


🔹 ufw (Uncomplicated Firewall)

  • Beginner-friendly

  • Simplified syntax

  • Manages iptables in background

Common Commands:

Enable firewall:

sudo ufw enable

Check status:

sudo ufw status

Deny incoming SSH (TCP port 22):

sudo ufw deny 22/tcp

Set default deny outgoing:

sudo ufw default deny outgoing

📌 Answers (Before Conclusion)

  1. Which security solution inspects incoming and outgoing traffic?
    Firewall

  2. Which firewall maintains state of connections?
    Stateful firewall

  3. Which firewall offers heuristic analysis?
    Next-generation firewall

  4. Which firewall inspects application traffic?
    Proxy firewall

  5. Which action permits traffic?
    Allow

  6. Direction for traffic leaving network?
    Outbound

  7. Rule name blocking SSH incoming?
    Core Op

  8. Rule allowing SSH from single IP?
    Infra team

  9. Allowed IP under that rule?
    192.168.13.7

  10. Successor of iptables?
    nftables

  11. UFW command to deny all outgoing by default?
    ufw default deny outgoing


✅ Conclusion

Firewalls are the foundation of network security. From basic stateless filtering to advanced Next-Generation Firewalls, each type serves a unique role in protecting systems.

Understanding:

  • Firewall types

  • Rule components

  • Windows and Linux firewall management

is essential for anyone entering cybersecurity.

Whether you're working on TryHackMe labs or building real-world skills, mastering firewall fundamentals is a crucial step toward becoming a security professional.
