Awall

awall (Alpine Wall) is the preferred firewall manager for Alpine Linux.

Contents

  1. Awall
    1. Installation
    2. Setup
    3. Configuration
    4. See also

Installation

Alpine offers the awall package.

Setup

awall depends on the iptables API, so the corresponding kernel modules must be loaded. 

modprobe ip_tables
modprobe iptable_nat

The latter is only necessary if NAT rules are used.

To launch the firewall on startup, try: 

rc-update add iptables
rc-update add ip6tables

Configuration

awall loads any files under /etc/awall/optional/ that end in .json as policies.

A simple policy would be: 

{
  "description": "Home firewall",

  "zone": {
    "inet": { "iface": "eth0" },
    "loc": { "iface": "eth1" }
  },

  "policy": [
    { "in": "_fw", "action": "accept" },
    { "in": "loc", "out": "inet", "action": "accept" }
  ],

  "snat": [
    { "out": "inet" }
  ]
}

To enable this policy, try: 

awall list
awall enable my-policy-name
awall activate

See also

How-to Alpine Wall

CategoryRicottone

Awall (last edited 2023-04-04 16:03:49 by DominicRicottone)