====== Replace Ufw firewall with FirewallD on Linux Mint 17 Cinnamon ====== IN **MINT**, **TUTORIALS/TIPS** / ON JUNE 7, 2014 AT 1:08 PM / Ufw (Uncomplicated FireWall) is the firewall application that comes with a default installation of __Linux__ Mint 17 – Cinnamon or MATE. This article shows how to replace it with FirewallD, a firewall application that has support for dynamic rules and network zones. It originated from the**Fedora** project. FirewallD comes with a command-line utility called firewall-cmd, a graphical interface called firewall-config, and an applet called firewall-applet. These instructions are for installing the whole set on the Cinnamon edition. See **this forum post** for how to do the same on Linux Mint 17 MATE. The whole process involves removing or uninstalling Ufw, then installing FirewallD and customizing the default configuration using firewall-config. To start, launch a shell terminal, then type the following command: sudo apt-get remove ufw && sudo apt-get install firewall-applet. The second part of that command will not only install the applet, but will also install the main __application__ (FirewallD) and firewall-config. If you’d rather install them from the distribution’s graphical package manager, launch it, then search for “firewall-applet.” You should be able to install them from there.
Install FirewallD on Linux Mint 17 Cinnamon As part of the installation, the applet is included automatically in the list of __startup__ programs. If you look in the Startup programs module of the distribution’s System Settings, you should see it listed.
Startup programs on Linux Mint 17 Cinnamon This screenshot shows the entries in the applet’s menu on the panel.
Firewall-applet on Linux Mint 17 Cinnamon And this one shows firewall-config. The default __network__ zone is Public, and out of the box, some programs, like ssh, are allowed in. If you installed the SSH server package (openssh-server), you might want to configure the __firewall__ to allow connections to the SSH server only from the local network, or disable ssh from the Permanent and Runtime rules of the Public zone.