FoxyFy Firewall — Documentation
FoxyFy Firewall is configured through JSON files. Once rules are defined they are pre compiled into a a rules file.
Config File Location
- /etc/ffg/ffg.conf
- /etc/ffb/ffb.conf
FFG Global Parameters (ffg.conf)
Parameter | Type | Example | Description |
|---|---|---|---|
license | string * | "X123ABE4RF" | License key for FFM. |
enabled | boolean * | true | Firewall enabled/disabled. |
firewall | object * | "firewall": { "default_incoming": "deny", "default_outgoing": "allow" } | Default incoming / outgoing rules. |
rules | object * | "rules": { "allow_tcp": [ 22, 80, 443 ], "allow_udp": [ 443 ] | |
allow_icmp | string * | true | Allow or deny ICMP packages. |
️ FFB Monitor Configuration (ffb.conf)
Parameter | Type | Example | Description |
|---|---|---|---|
ssh | object * | "ssh": { "enabled": true, "logpath": "/var/log/auth.log", "maxretry": 5, "findtime": 600, "bantime": 3600 } | Monitor SSH on port 22, using log path to auth log, block for 3600 sec. (1 hour), after 5 failed requests within 600 sec. (10 min.). |
🛟 Help
- Use unix command like -h, -help parameter to see command instructions
FFG – Example Status
🦊️ FoxyFy Guard v1.0.9
⚙️ Firewall enabled 🟢
TCP allow: [22 80 443 3478 5349]
UDP allow: [443 3478 5349]
ICMP allow: true
Status: active
UFW – Example Status
Status: active
To Action From
-- ------ ----
80 ALLOW Anywhere
443 ALLOW Anywhere
22 ALLOW Anywhere
3478 ALLOW Anywhere
5349 ALLOW Anywhere
443/udp ALLOW Anywhere
80 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
22 (v6) ALLOW Anywhere (v6)
3478 (v6) ALLOW Anywhere (v6)
5349 (v6) ALLOW Anywhere (v6)
443/udp (v6) ALLOW Anywhere (v6)