UFW on ParrotSec? Any thoughts?


A firewall is one of the biggest necessities for a secure device. I've used UFW [Uncomplicated Firewall] on Mint and Debian before. Loved it. Did the job, was simple to operate, had a GUI and was open source.

Pretty sure most Linux users may have heard about it, but if someone is new to UFW, here's a wiki link

I thought I would install it on ParrotSec, but before I do anything, I would like to know from the community if this is a good idea. Will it break my machine? Because I've heard that installing a firewall on a pentesting OS would not be a good idea. On the same hand, I want my machine to be stealth and hidden in open networks.

All suggestions are welcomed.
Thank You! :blush:

People seem to get confused about this a lot: Parrot has a firewall. iptables is installed on your system and it can do everything UFW can do.

UFW is just a wrapper for iptables that makes it easier to use, hence the name ‘uncomplicated firewall’. You can also get a GUI for it called GUFW.

From the Ubuntu wiki:

The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default UFW is disabled.
Gufw is a GUI that is available as a frontend.

So if you aren't confident with iptables, then installing UFW will make it easier to add rules.


Do you have a link to iptables configuration?

I have been using GUFW myself. I use it based on some assumptions, such as: the “Home, Office, Public” option deals with local communications. The “Allow Out” allows all outbound communications. Will this setting override any iptables settings that may block some outgoing by default? The “Deny In” blocks all incoming communications (or does it just block unsolicited incoming communications?). I guess my question is, is iptables safer by default than GUFW as set above?

That's the thing. I'm not sure if it will break my system or network. Which is why I was looking for someone who uses GUFW and has decent experience to let me know if they had any problems running stuff like proxychains and tor and nmap and other stuff.

If they added iptables rules for the tor setup, which are enforced every time you use anonsurf, I guess using ufw will mess up the purpose of the anonsurf scripts.

Other tools will run better if you get down the firewall in many cases.
I guess best would be to use ufw and take down any rule from it before using anonsurf.


That last one is a question I was interested in as well when I started using Parrot but never asked… because I never used iptables before, so for me any iptables setup is mostly gibberish (starting to understand part of it though)
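Added example, not part of any post in this thread: whether a "Deny In" default also drops replies to your own outbound connections depends on whether the ruleset accepts ESTABLISHED traffic ahead of the default policy, and that can be read from `iptables-save` output. The sketch below parses a constructed dump; the chain name `fw-in` is hypothetical and the check is a simplification that ignores rule order and other match conditions.

```python
import shlex

# Constructed sample in iptables-save format (not captured from a real system).
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
:fw-in - [0:0]
-A INPUT -j fw-in
-A fw-in -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""

def parse(text):
    """Return (policies, rules) for the filter table of an iptables-save dump."""
    policies, rules, table = {}, {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy  # "-" for user-defined chains
        elif table == "filter" and line.startswith("-A "):
            args = shlex.split(line)
            rules.setdefault(args[1], []).append(args[2:])
    return policies, rules

def opt(args, *names):
    """Value following the first of `names` present in args, else None."""
    for n in names:
        if n in args and args.index(n) + 1 < len(args):
            return args[args.index(n) + 1]
    return None

def replies_allowed(rules, chain="INPUT", seen=()):
    """True if the chain (following jumps) accepts ESTABLISHED traffic."""
    # Simplification: rule order and other match conditions are ignored.
    seen = seen + (chain,)
    for args in rules.get(chain, []):
        target = opt(args, "-j")
        states = (opt(args, "--ctstate", "--state") or "").split(",")
        if target == "ACCEPT" and "ESTABLISHED" in states:
            return True
        if target in rules and target not in seen \
                and replies_allowed(rules, target, seen):
            return True
    return False
```

To run it on a live system, feed it the text printed by `iptables-save` (run as root) instead of `SAMPLE`.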